Hey hackers! Here are our favorite resources shared this week by pentesters & bug bounty hunters. It covers the week from to the 22th to the 28th of June.
There are some goodies in this one, it was a lot of fun to compile it.
Our favorite 5 hacking items
1. Videos of the week
HackerOne Hacker Interviews by Hackerone
I absolutely LOVE watching these interviews! They’re not too long and remind me of a non technical version of Bugbountyforum’s AMAs.
I am in the process of becoming a full-time pentester/bug bounty hunter/ independant security researcher. This is my passion and a 100% what I want & need, but it involves a lot of work and some loneliness in the sense that almost all people around me do not even understand what I do. So watching these amazing people tell their own stories inspires me to keep going on and makes me feel I’m part of a beautiful community.
This is a walkthrough of Bsides Vancouver 2018, a beginner boot2root challenge. It was used by Mohamed Shahat (@Abatchy) in a workshop during Bsides Vancouver 2018.
It’s an easy challenge, but since there are 2 distinct ways to obtain root, this is a nice opportunity to test for different vulnerabilities and try different tools.
LITTLE WARNING: This is going to be a crazy long walkthrough because I’m going to detail my methodology (pentest style) including what didn’t work, as well as many different tools and manual exploitation techniques (because you can’t rely too much on tools).
I want to give you as many ideas as possible that you can later apply on real-life penetration tests, and not just what “magically” works.
If you’re working on a challenge, vulnerable VM or CTF, you probably won’t know its IP address and won’t be able to get it with
ifconfig because generally login credentials are not disclosed. So this is a basic tutorial on how to “guess” the IP address of a downloaded virtual machine that has DHCP enabled.
If you’re a seasoned pentester/bug bounty hunter/CTFer, this blog post is clearly not for you. It is addressed to anyone starting in InfoSec, whether you’re trying a first boot2root challenge or preparing for a job interview.
Why I am choosing this topic? Because everybody has to start somewhere. In my last corporate job, I created an intentionally vulnerable VM to assess the experience and technical level of applicants for a pentester job. The only information they had, was that the VM has DHCP enabled and their task was to find the maximum number of vulnerabilities.
To my surprise, many of them did not know where to start and asked for the IP address of the VM or the login credentials!
Hey hackers! Here’s our collection of the best resources shared this week by pentesters & bug bounty hunters. It covers the week from to the 15th to the 22th of June.
Have a good reading!
Our favorite 5 hacking items
1. Tutorial of the week
Credential stealing with XSS without user interaction
This is not a new technique, but it’s a good exploitation scenario to show one pratical risk of XSS vulnerabilities. From experience, using
<script>alert(0)</script> in pentest reports is not very convincing for clients.
I try to always include proof of concepts that show what exactly is possible on the particular context being tested: redirection, iframe inclusion, cookie theft, credentials theft from the browser, etc.
Hi, these are the notes I took while watching the “Trickle Down PwnOnomics” talk given by Darrell Damstedt (aka Hateshape) on LevelUp 0x02 / 2018.
- This talk is about how Hateshape “went from having zero bug bounty experience to regularly experiencing ($$$) success”.
- Trickle Down Pwnonomics: A theory promoting the discovery and reduction of vulnerabilities on a bug bounty program as a means to stimulate my bank account.