Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the week from 18 to 25 January.
Our favorite 5 hacking items
1. Videos of the week
Insecure Deserialization Attack Explained
Live Recon on Snapchat with @ITSecurityGuard (amass, FFUF, SecurityTrails Demo)
@PwnFunction is back with an awesome video tutorial on deserialization. It is concise and maybe the best explanation I’ve seen on this rather complex vulnerability class.
The other video is the first of a new series by @NahamSec where he hacks live with a fellow bug hunter (@ITSecurityGuard this time). This is a fantastic idea, like a practical interview or walkthrough to see how other hackers work.
2. Writeup of the week
The Secret Parameter, LFR, and Potential RCE in NodeJS Apps
This is an informative writeup by @0xCaptainFreak on Local File Read in NodeJS apps, when ExpressJS is used with hbs (view engine for Handlebars). Without spoiling it more, can you find the issue in this code that reproduces the bug?
3. Article of the week
Cache poisoning in popular open source packages
@snyksec dived into Web cache poisoning in open source packages and found several well-known frameworks vulnerable. For example, Bottle, Tornado and Rack all rely on “parse_qsl”, an insecure method in Python’s standard library, which makes them vulnerable to cache poisoning attacks.
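The mismatch behind that finding is that parse_qsl used to treat “;” as a pair separator in addition to “&”, while caches and proxies split only on “&”. The following is an added example, not code from the newsletter, Snyk or any of the affected projects: it emulates the legacy split next to the hardened “&”-only parse, keys a constructed request the way a CDN would, and reports the parameter names the backend would see that the cache never keyed on. The cache-key policy (dropping utm_content) and the sample query string are constructed for the example.

```python
from urllib.parse import parse_qsl, unquote_plus

# Constructed request: a cache splitting only on '&' sees a single
# "utm_content" parameter, which many cache policies exclude from the key.
QUERY = "page=home&utm_content=x;lang=evil"

def _pairs(qs, seps):
    """Split qs into (key, value) pairs on any character in seps."""
    for sep in seps[1:]:
        qs = qs.replace(sep, seps[0])
    out = []
    for chunk in qs.split(seps[0]):
        if chunk:
            key, _, value = chunk.partition("=")
            out.append((unquote_plus(key), unquote_plus(value)))
    return out

def legacy_split(qs):
    """Emulates the pre-fix parse_qsl behaviour the article describes:
    both '&' and ';' separate pairs (emulation written for this example)."""
    return _pairs(qs, "&;")

def strict_split(qs):
    """Hardened parse: '&' only. Python releases that ship the fix make
    this parse_qsl's default; older ones lack the separator argument."""
    try:
        return parse_qsl(qs, keep_blank_values=True, separator="&")
    except TypeError:
        return _pairs(qs, "&")

def cache_key(qs, ignored=("utm_content",)):
    """Key the request like a CDN would: '&'-split, tracking params dropped."""
    return tuple(sorted(p for p in strict_split(qs) if p[0] not in ignored))

def cloaked_params(qs):
    """Parameter names a '&;'-splitting backend sees that the cache does not."""
    return sorted({k for k, _ in legacy_split(qs)} - {k for k, _ in strict_split(qs)})

if __name__ == "__main__":
    # Same cache entry as a plain "page=home" request, yet the legacy backend
    # parse also receives lang=evil: that response would be cached for everyone.
    print(cache_key(QUERY) == cache_key("page=home"))  # True
    print(cloaked_params(QUERY))                         # ['lang']
```

Running cloaked_params over request logs at the edge is a cheap check for this class of request; the durable fix is to parse with the “&”-only separator the backend and cache agree on.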
4. Tip of the week
Another way to do HTTP smuggling
@BitK_ shared a new HTTP smuggling technique, which @albinowax interprets as Golang’s network stack attempting to “parse HTTP headers as ~UTF-8 even though everyone else treats them as ASCII”. It is yet to be confirmed but looks like a very interesting area to explore.
5. Tool of the week
New week, new Burp customizer extension! This one from @irsdl adds cool features like the ability to change Burp’s title and icon, to change the style of tabs and to use pretty gradient icons.
Other amazing things we stumbled upon this week
Webinars & Webcasts
Medium to advanced
Responsible(ish) disclosure writeups
Bug bounty writeups
See more writeups on The list of bug bounty writeups.
Misc. pentest & bug bounty resources
Bug bounty & Pentest news
Community pick of the week
Nice beanie there @xsstnv!
We love hearing from you and celebrating your wins. Tag us if you also want to share your swag and bug hunting joys with other Bug Bytes readers.