Bug Bytes #203 – CVSS 4.0, MOVEIt and How CI/CD Pipelines Go Wrong
By travisintigriti
June 14, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from May 29th to June 11th
Intigriti News
Let’s take a look at why this XSS won’t execute, Another day, another XSS payload that won’t execute
Why might we want a rooted device when testing an Android app?
From my notebook
No real theme this week, here’s some of the most interesting stuff I read!
Authentication Bypass Using Root Array – This is a deep dive into a #bugbountytips tweet diving in to the how and why of this authentication issue
CSP Bypass Unveiled: The Hidden Threat of Bookmarklets – I LOVE bookmarklets they’re a combination of javascript and a bookmark to make dynamic bookmarks, anyway here’s bookmarklet malware
Hacking AI: System Takeover in MLflow Strikes Again (And Again) – Good write up of an AI security bug!
Common Vulnerability Scoring System – CVSS has been updated to version 4, here are the changes
Casey Ellis: Pioneering The Bug Bounty Platform To Empower Ethical Hackers – Great podcast episode on the history of bug bounty hunting and a reminder of how dire disclosure used to be!
Patch Diffing Progress MOVEIt Transfer RCE (CVE-2023-34362) – OKAY extra bonus for this week, analysing the patch notes to reverse engineer the MoveIt bug
Who should consider a career as a full-time bug bounty hunter? (shorts)
OWASP API Top 10 Updates (shorts)
The most common mistake of beginner security researchers? (shorts)
What does Shubs pay attention to when recruiting security researchers? (shorts)
NO. 384 — World AI Coin, Russian Power Attacks, Guidance AI Workflow…
Hacker, Researcher, Educator, Entrepreneur, a Glimpse into The World of Vivek Ramachandran
Beginner
Ödül Avcılığı — Subdomain Keşfi (Turkish)
Ödül Avcılığı — File Upload XSS (Turkish)
Intermediate
Discover Sensitive Information on GitHub (Indonesian)
Hacking Web Apps: Understanding Cross-Site Request Forgery (CSRF) Vulnerabilities
How to Detect and Mitigate SSRF Vulnerabilities in the Early Coding Cycle: A Comprehensive Guide
Understanding and Mitigating XXE Vulnerabilities via File Uploads
Uncovering the Secrets : The Potential of Web Archive in Bug Bounty Programs
Understanding Path Traversal Vulnerabilities and Their Exploitation
Advanced
Build Centralized Security Workflows in Github: A tale of Reusable Workflows
Exploring a Lesser-Known Blockchain Vulnerability: The Vector Attack | Karthikeyan Nagaraj
Unveiling a Lesser-Known Blockchain Vulnerability: The Blockchain Time Warp Attack
Understanding a Lesser-Known Blockchain Vulnerability: Timestamp Manipulation
Security Research
Bugs
CVE-2021–44521: Apache Cassandra Remote Code Execution from vsociety
Turning a 50$ Tab-Nabbing vulnerability into a 1000$ Account takeover
How Hackers can exploit Caching x Race-Conditions for followers count manipulation on Twitter
[TR] Bulduğum Price Manipulation of Products zafiyeti (Turkish)
A Story of API Key Leak in Page Source, Exploitation, Duplicate and Bounty.
Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability
How a misconfigured Lotus Domino Server can lead to Disclosure of PII Data of Employees
Automated Monitoring + Time = Bug, the bug on HackerOne Target (8×8)
CTF challenges
Burp-Dom-Scanner – Burp Suite’s Extension To Scan And Crawl Single Page Applications
LinkedInDumper – Tool To Dump Company Employees From LinkedIn API
Find creds on a red team campaign? Want to do more with them?
Bug bounty hunters: want a #bugbountytip on finding the right public programs to participate in?
Thousands of government websites are still vulnerable to CVE-2023-25157
If you’re only using Nuclei for HTTP requests, you’re missing out!
If you are a beginner in bug bounty I recommend don’t ever buy any courses, nor look for mentors
JSend – Burpsuite Community extension to fetch endpoints from all URL’s from Proxy
You may also like
Intigriti Bug Bytes #219 - December 2024 🎅
December 13, 2024
Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
December 6, 2023