Bug Bytes #151 – The one where the Internet is on fire

By Anna Hammond

December 15, 2021

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.

CLICK HERE TO SUBSCRIBE

This issue covers the week from December 6 to 13.

Intigriti news

How Intigriti responded to the Log4j vulnerability

Our favorite 5 hacking items

1. Vulnerability of the week

Log4Shell a.k.a CVE-2021-44228

I came back to work from a long weekend only to find a deluge of information on this incredibly impactful RCE in Log4j.

For a quick introduction to the vulnerability, I recommended starting with this lunasec.io article and the first 15 minutes of this SANS video.
If you want more technical details, here is a list of resources I posted on GitHub: pentesterland/Log4Shell.

2. Vulnerability² of the week

CVE-2021-43798 – Path Traversal Vulnerability In Grafana, Grafana update & How to Identify and Exploit it

@j0v0x0 just published a writeup on how he discovered CVE-2021-43798 using source code review and Web fuzzing. It is a great read to understand the context behind the vulnerability.
If you’re more interested in looking for it in pentest targets or bug bounty programs, check out @nahamsec‘s awesome video tutorial.

3. Writeup of the week

Don’t Reply: A Clever Phishing Method In Apple’s Mail App (Apple, $5,000)

$5k for a bug bounty report on phishing, that’s not so common! It is understandable though.
@jon_bottarini got a hint from @samwcyo that it was possible (at the time) to load PHP files inside <img> tags. This behavior could be exploited to create extremely credible phishing emails targetting Apple Mail.

4. Video of the week

How hackers pollute your code.

@PwnFunction is back with a new video on prototype pollution. As usual, a very informative and clear explanation of an interesting bug class.

5. Webinar of the week

Ed Theory for Hackers: What a Teacher Wants Infosec to Know | Michael Taggart

If you’re struggling with the high learning curve in InfoSec, you will find this webinar enlightening. It is about learning how to learn, creating a learning plan, and common pitfalls that might be hindering your progress.

SHARE ON TWITTER

Other amazing things we stumbled upon this week

Videos

Webinars

Tutorials

Writeups

Challenge writeups

Responsible(ish) disclosure writeups

Bug bounty writeups

See more writeups on The list of bug bounty writeups.

Tools

  • HeySerial & Intro: Systematically Hunting for Deserialization Exploits

  • whoc: A container image that exfiltrates the underlying container runtime to a remote server

  • SAPP (Static Analysis Post Processor): Takes the raw results of Facebook’s static analysis tool Pysa, and makes them explorable both through a CLI and a web UI

  • Dependency Combobulator: Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks

  • GoTestWAF: Golang project to test different WAFs for detection logic and bypasses

Tips & Tweets

Misc. pentest & bug bounty resources

Articles

Challenges

Bug bounty & Pentest news

Non technical

You may also like