Bug Bytes #213 – Hacking a Prison, XSS on steroids, CAIDO free for students and Bogus CVEs
By travisintigriti
October 4, 2023
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the week from September 25th to October 1st
Intigriti News
Yahoo picks Intigriti to run crowdsourced bug bounty programme
We’re joining forces with TCM Security to educate the next generation of bug bounty talent
JWT algorithm confusion? What can we do when the server doesn’t expose a public key
From my notebook
Bug Bounty Stories (EP2): Hacking a Prison – NahamSec shows us why reading the javascript is important
Bounty of an Insecure WebView (Part 1): XSS, but with Steroids – A fun XSS in a mobile apps WebView causes an interesting XSS vector
CAIDO launches a student plan! – If you’re a student you can get CAIDO for free, simply email them proof of student status
The bogus CVE problem [LWN.net] – While the CVE system is crucial for tracking vulnerabilities, not every entry is submitted in good faith
Input Validation: Necessary but Not Sufficient; It Doesn’t Target the Fundamental Issue – Input validation is an important method for stopping some vulnerabilities, but that doesn’t mean it’s akkways the right choice!
Authentication Vulnerabilities – Lab #11 Password reset poisoning via middleware | Long Version
Being careful with brute-forcing identifiers #bugbounty #bugbountytips #bugbountyhunter
The Penetration Test That Went Horribly Wrong🎙Darknet Diaries Ep. 95: Jon & Brian’s Big Adventure
You don’t always have to predict the identifier #bugbounty #bugbountytips #bugbountyhunter
MGM and Caesars Hacked! Crypto Scam costs Mark Cuban Big Time, & more!
Top hunters think about everything when submitting a report #bugbounty #bugbountytips
Unveiling Vulnerabilities: Exploring Tech and Human Weaknesses within Organizations
Charting Your Path in Cybersecurity: Navigating Certifications, Degrees, and Education
Do not forget about this attack scenario #bugbounty #bugbountytips #bugbountyhunter
215 – DEF CON, HardwearIO, Broken Caching, and Dropping Headers
EP140 System Hardening at Google Scale: New Challenges, New Solutions
Beginner
Intermediate
Advanced
Security Research
Chrome’s Vulnerability: When a Single Click Exposes Your Deepest Secrets (CVE-2020–6547)
Details QA should share when reporting a bug for efficient resolution
Get persistent reverse shell from Android app without visible permissions to make device unusable
Getting RCE in Chrome with incorrect side effect in the JIT compiler
Malicious npm Packages Strike Again: Exfiltrating Kubernetes Configurations and SSH Keys
Exploiting ASP.NET TemplateParser – Part I: Sitecore (CVE-2023-35813)
The De Vinci of DirtyPipe Local Privilege Escalation – CVE-2022-0847
CVE-2023-36664: Command injection with Ghostscript PoC + exploit
Bugs
Frontend Fumbles: The 250$ Curious Case of API Key Permissions.
IDOR and Mass Assignment attacks leads to Full Account Takeover of Internal Employees
You can add extra zeroes. XSS bypass on a private bug bounty program
Decrypting Requests, Manipulating Responses to Gaining Super Admin Access
Uncovering Critical Security Gaps: How I Gained Admin Privileges
How I exploited CVE-2023–36845 and got root access in one domain.
Mixin Network’s $20 Million Bug Bounty: A Crypto Tale of Redemption
CTF challenges
Exploring TLSX by Projectdiscovery: A Powerful Tool for Security Enthusiasts
SocketSleuth: Improving security testing for WebSocket applications
Skyhook – A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections
Pinkerton – An JavaScript File Crawler And Secret Finder Developed In Python
Promptmap – Automatically Tests Prompt Injection Attacks On ChatGPT Instances
You may also like
Intigriti Bug Bytes #219 - December 2024 🎅
December 13, 2024
Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
December 6, 2023