Hacking, AppSec, and Bug Bounty newsletter
2017-07-21 | Fake private keys, USDS 2017 report to congress, and Frans visits Vegas
Friday, July 21
PoCs galore. Jam-packed ZD today. Enjoy, and TGIF!
4 Methods to Bypass Two-Factor Authentication by @shahmeeramir
Frans Visits Vegas Announcement [85 upvotes] - no bounty for this report to Frans Visits Vegas by @fransrosen. Frans drops knowledge in a live workshop on 7/26/17 from the Las Vegas Strip: How To Win Over Security Teams and Gain Influence as a Hacker. Ask your questions by reporting them to the program!
Email Injection through Password Reset [19 upvotes] - no bounty for this report to WakaTime by @footstep. Sneaky injection into a password reset email via the X-Forwarded-For (XFF) header.
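The teaser above only says the injection rode in on X-Forwarded-For. The pattern that usually makes that possible is a reset email that tells the user "a reset was requested from IP x.x.x.x" and fills in x.x.x.x straight from the header, so whatever the attacker puts there lands in the mail body. The following is an added example in Go (not code from the WakaTime report or from HackerOne) that shows that vulnerable construction next to a hardened one: XFF is only honoured when the request arrived from a known proxy, every hop must parse as an IP address, and the value is HTML-escaped on output. The host app.example.test, the proxy address 10.0.0.1 and the token are assumptions.

```go
package main

import (
	"fmt"
	"html"
	"net/netip"
	"strings"
)

// Assumed canonical reset URL; a real app would read this from config, never from request headers.
const resetURL = "https://app.example.test/reset?token="

// resetEmailVulnerable echoes the X-Forwarded-For value straight into the HTML mail body.
func resetEmailVulnerable(xff, remoteAddr, token string) string {
	ip := remoteAddr
	if xff != "" {
		ip = xff // attacker-controlled, unvalidated, unescaped
	}
	return fmt.Sprintf(`<p>A password reset was requested from %s.</p><p><a href="%s%s">Reset your password</a></p>`,
		ip, resetURL, token)
}

// clientIP trusts X-Forwarded-For only when the TCP peer is one of our own proxies,
// and only if every hop in it parses as an IP address. It walks the list right to
// left past our proxies and returns the first hop that is not ours. Anything that
// does not parse makes the whole header untrusted and we fall back to remoteAddr.
func clientIP(xff, remoteAddr string, trustedProxies map[string]bool) string {
	if !trustedProxies[remoteAddr] || xff == "" {
		return remoteAddr
	}
	var hops []string
	for _, h := range strings.Split(xff, ",") {
		addr, err := netip.ParseAddr(strings.TrimSpace(h))
		if err != nil {
			return remoteAddr
		}
		hops = append(hops, addr.String())
	}
	for i := len(hops) - 1; i >= 0; i-- {
		if !trustedProxies[hops[i]] {
			return hops[i]
		}
	}
	return remoteAddr
}

// resetEmailHardened validates the IP before use and escapes everything it interpolates.
func resetEmailHardened(xff, remoteAddr, token string, trustedProxies map[string]bool) string {
	ip := clientIP(xff, remoteAddr, trustedProxies)
	return fmt.Sprintf(`<p>A password reset was requested from %s.</p><p><a href="%s%s">Reset your password</a></p>`,
		html.EscapeString(ip), resetURL, html.EscapeString(token))
}

func main() {
	// Constructed header value an attacker could send.
	attack := `<a href="https://evil.example/reset">Reset now</a>`
	proxies := map[string]bool{"10.0.0.1": true} // assumed address of our reverse proxy
	fmt.Println("vulnerable:", resetEmailVulnerable(attack, "10.0.0.1", "t0k"))
	fmt.Println("hardened:  ", resetEmailHardened(attack, "10.0.0.1", "t0k", proxies))
	fmt.Println("client ip: ", clientIP("203.0.113.5, 10.0.0.1", "10.0.0.1", proxies))
}
```

Validating with netip.ParseAddr rather than a regex is deliberate: it rejects anything that is not a literal address, so the escaping on output is belt and braces rather than the only defence. The same trusted-proxy rule applies to X-Forwarded-Host and similar headers if the reset link itself is built from them.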
You can see all the latest and greatest disclosures and bounties on www.hackerone.com/hacktivity
TWEET OF THE DAY
If you don't really need it to connect to the Internet, don't connect it to the Internet. - @OrinKerr
OTHER ARTICLES WE’RE READING
Victor Gevers reports vulnerabilities. That’s what he does. So we pitched in to help send him to DEF CON.
s3enum by koenrh
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
To make my report less suspicious I searched Pastebin for real, compromised private keys belonging to certificates. This again shows how problematic the leakage of private keys is: I easily found seven private keys for Comodo certificates and three for Symantec certificates, plus several more for other certificate authorities, which I also reported. These additional keys allowed me to make my report to Symantec and Comodo less suspicious: I could hide my fake key report within other legitimate reports about a key compromise.
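The excerpt above is about how a CA handles a key-compromise report, and the obvious check a CA (or anyone triaging such a report) should run is whether the submitted private key actually belongs to the certificate it is reported against. As an added example, not code from the quoted article or from any CA, here is that check in Go: a throwaway self-signed certificate stands in for the issued certificate, the key is serialised to PEM the way it would be pasted into a report, and keyMatchesCert compares the certificate's public key with the one derived from the submitted private key. Every key and certificate here is constructed test data.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// selfSignedCert builds a throwaway certificate for key; it stands in for the
// CA-issued certificate named in a compromise report (constructed test data).
func selfSignedCert(key *ecdsa.PrivateKey) ([]byte, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "victim.example"}, // assumed name
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

// keyPEM serialises a private key the way it would appear pasted into a report or a Pastebin dump.
func keyPEM(key *ecdsa.PrivateKey) ([]byte, error) {
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der}), nil
}

// keyMatchesCert reports whether the submitted PEM private key is the one behind
// certDER. It derives the public key from the private key and compares it with
// the certificate's public key instead of trusting the reporter's claim.
func keyMatchesCert(certDER, pemKey []byte) (bool, error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return false, err
	}
	block, _ := pem.Decode(pemKey)
	if block == nil {
		return false, errors.New("no PEM block in submitted key")
	}
	priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if err != nil {
		return false, err
	}
	signer, ok := priv.(crypto.Signer)
	if !ok {
		return false, errors.New("submitted key cannot sign")
	}
	certPub, ok := cert.PublicKey.(interface{ Equal(crypto.PublicKey) bool })
	if !ok {
		return false, errors.New("unsupported certificate key type")
	}
	return certPub.Equal(signer.Public()), nil
}

func main() {
	genuine, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	fake, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // a key unrelated to the certificate
	cert, err := selfSignedCert(genuine)
	if err != nil {
		panic(err)
	}
	for _, c := range []struct {
		name string
		key  *ecdsa.PrivateKey
	}{{"genuine", genuine}, {"fake", fake}} {
		p, _ := keyPEM(c.key)
		ok, err := keyMatchesCert(cert, p)
		fmt.Printf("%s key matches certificate: %v (err=%v)\n", c.name, ok, err)
	}
}
```

A report that fails this check should not lead to revocation; a report that passes it is proof of compromise regardless of who sent it, which is exactly why leaked keys on paste sites are as damaging as the excerpt says.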
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.