By travisintigriti
October 26, 2022
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
This issue covers the weeks from October 16th until October 22nd.
Intigriti News
From my notebook
DEF CON 30 – Eugene Lim – You Have 1 New Appwntment – Hacking Proprietary iCalendar Properties & DEF CON 30 – Sick Codes – Hacking the Farm = Breaking Badly into Agricultural Devices. If I had to pick the two standout talks for me at DEFCON this year, these are the two that I have thought about weekly since the summer, and I also actually used some of the tips in the ical video to find a bug! My tip for you reading is to check if apps automatically scan emails or similar to make calendar events.
Broken Access Control testing by ShreKy & Google VRP — [Insecure Direct Object Reference] $3133.70
How I Got $10,000 From GitHub For Bypassing Filtration oF HTML tags
23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
Other Amazing Things
DEFCON Releases videos from DEFCON 30 August 2022 – here’s just a small selection that interested me
DEF CON 30 BiC Village – Ochuan Marshall – The Last Log4J Talk You Ever Need
DEF CON 30 – James Kettle – Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
DEF CON 30 – Orange Tsai – Let’s Dance in the Cache – Destabilizing Hash Table on Microsoft IIS
DEF CON 30 – Michael Bargury – Low Code High Risk – Enterprise Donation via Low Code Abuse
DEF CON 30 – Jeffrey Hofmann – PreAuth RCE Chains on an MDM – KACE SMA
DEF CON 30 – Samuel Erb, Justin Gardner – Crossing the KASM – a Webapp Pentest Story
DEF CON 30 – Thomas Roth, Solana – JIT – Lessons from fuzzing a smart contract compiler
DEF CON 30 – Richard Thieme – UFOs, Alien Life, and the Least Untruthful Things I Can Say
DEF CON 30 – stacksmashing – The Hitchhacker’s Guide to iPhone Lightning and JTAG Hacking
DEF CON 30 Retail Hacking Village – Spicy Wasabi – Rock The Cash Box
CYBER When the Video Game Reaches Out to Ask You to Spend More Money
Smashing Security 294: The Virgin trains swindler, cyber clowns, and AirTag election debacle
PHP filters chain: What is it and how to use it (deserialisation)
Practical Guide to Malware Analysis and Reverse Engineering (Analyzing VBA “Macros” Code P-2.2)
Burp Suite? No Thanks! Blind SQLi in DVWA With Python (Part 1)
OTP in forget password | how to bypass OTP verification | OTP poc
“Zero-Days” Without Incident – Compromising Angular via Expired npm Publisher Email Domains
I found a bug that would let me fetch any users password reset link
GitHub – Crypto-Cat/CTF: CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
Extract e-mail addresses from a large JSON file – Zero Day Hacker
Paranoids (Yahoo) promotions until the end of the year
First 75 hackers of the month between October and the end of the year get a 25% bonus
First 10 mobile app reports 50% bonus
Submit a nuclei template for a 10% bonus
Welcome back bonus coming soon
Login spoofing issue in GitHub nets researcher $10k bug bounty reward
Dangerous hole in Apache Commons Text – like Log4Shell all over again