Hacking, AppSec, and Bug Bounty newsletter

2017-07-21 | Fake private keys, USDS 2017 report to congress, and Frans visits Vegas

Friday, July 21

PoC’s galore. Jam packed ZD today. Enjoy and TGIF!



  • Frans visits vegas Announcement [85 upvotes] - no bounty for this report to Frans Visits Vegas by @fransrosen. Frans drops knowledge in a live workshop on 7/26/17 from the Las Vegas strip: How To Win Over Security Teams and Gain Influence as a Hacker. Ask your questions via reporting to the program!

  • Email Injection through Password Reset [19 upvotes] - no bounty for this report to Waka time by @footstep. Sneaky injection into a password reset email using the XFF header.

You can see all the latest and greatest disclosures and bounties on


  • IF you don't really need it to connect to the Internet, don't connect it to the Internet. - @OrinKerr



Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email:

Get this email forwarded to you? Click here to subscribe to the Zero Daily


To make my report less suspicious I searched Pastebin for real, compromised private keys belonging to certificates. This again shows how problematic the leakage of private keys is: I easily found seven private keys for Comodo certificates and three for Symantec certificates, plus several more for other certificate authorities, which I also reported. These additional keys allowed me to make my report to Symantec and Comodo less suspicious: I could hide my fake key report within other legitimate reports about a key compromise.

Hanno Böck


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.