Friday, July 21
PoCs galore. Jam-packed ZD today. Enjoy and TGIF!
TOP STOR(IES)
Stealing Access Token of OneDrive Integration by Chaining CSRF Vulnerability by @arbazhussain
4 Methods to Bypass Two-Factor Authentication by @shahmeeramir
How I Hacked into a PayPal Server - Unrestricted File Upload to Remote Code Execution by @VikzSharma
HACKTIVITY
Frans Visits Vegas Announcement [85 upvotes] - no bounty for this report to Frans Visits Vegas by @fransrosen. Frans drops knowledge in a live workshop on 7/26/17 from the Las Vegas strip: How To Win Over Security Teams and Gain Influence as a Hacker. Ask your questions by submitting a report to the program!
Email Injection through Password Reset [19 upvotes] - no bounty for this report to WakaTime by @footstep. A sneaky injection into a password reset email using the XFF header.
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
If you don't really need it to connect to the Internet, don't connect it to the Internet. - @OrinKerr
OTHER ARTICLES WE’RE READING
Victor Gevers reports vulnerabilities. That’s what he does. So we pitched in to help send him to DEF CON.
Hanno Böck tricked Symantec with a Fake Private Key. Nice one Hanno. Symantec even responded with a blog post.
s3enum by koenrh
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com
Get this email forwarded to you? Click here to subscribe to the Zero Daily
From Hanno Böck's write-up of the fake private key report: "To make my report less suspicious I searched Pastebin for real, compromised private keys belonging to certificates. This again shows how problematic the leakage of private keys is: I easily found seven private keys for Comodo certificates and three for Symantec certificates, plus several more for other certificate authorities, which I also reported. These additional keys allowed me to make my report to Symantec and Comodo less suspicious: I could hide my fake key report within other legitimate reports about a key compromise."
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.