Wednesday, May 31, 2023

How Do I Get Started With Bug Bounty ?

How do I get started with bug bounty hunting? How do I improve my skills?



These are some simple steps that every bug bounty hunter can use to get started and improve their skills:

Learn to make it; then break it!
A major chunk of the hacker's mindset consists of wanting to learn more. In order to really exploit issues and discover further potential vulnerabilities, hackers are encouraged to learn to build what they are targeting. By doing this, there is a greater likelihood that hacker will understand the component being targeted and where most issues appear. For example, when people ask me how to take over a sub-domain, I make sure they understand the Domain Name System (DNS) first and let them set up their own website to play around attempting to "claim" that domain.

Read books. Lots of books.
One way to get better is by reading fellow hunters' and hackers' write-ups. Follow /r/netsec and Twitter for fantastic write-ups ranging from a variety of security-related topics that will not only motivate you but help you improve. For a list of good books to read, please refer to "What books should I read?".

Join discussions and ask questions.
As you may be aware, the information security community is full of interesting discussions ranging from breaches to surveillance, and further. The bug bounty community consists of hunters, security analysts, and platform staff helping one and another get better at what they do. There are two very popular bug bounty forums: Bug Bounty Forum and Bug Bounty World.

Participate in open source projects; learn to code.
Go to https://github.com/explore or https://gitlab.com/explore/projects and pick a project to contribute to. By doing so you will improve your general coding and communication skills. On top of that, read https://learnpythonthehardway.org/ and https://linuxjourney.com/.

Help others. If you can teach it, you have mastered it.
Once you discover something new and believe others would benefit from learning about your discovery, publish a write-up about it. Not only will you help others, you will learn to really master the topic because you can actually explain it properly.

Smile when you get feedback and use it to your advantage.
The bug bounty community is full of people wanting to help others so do not be surprised if someone gives you some constructive feedback about your work. Learn from your mistakes and in doing so use it to your advantage. I have a little physical notebook where I keep track of the little things that I learnt during the day and the feedback that people gave me.


Learn to approach a target.
The first step when approaching a target is always going to be reconnaissance — preliminary gathering of information about the target. If the target is a web application, start by browsing around like a normal user and get to know the website's purpose. Then you can start enumerating endpoints such as sub-domains, ports and web paths.

A woodsman was once asked, "What would you do if you had just five minutes to chop down a tree?" He answered, "I would spend the first two and a half minutes sharpening my axe."
As you progress, you will start to notice patterns and find yourself refining your hunting methodology. You will probably also start automating a lot of the repetitive tasks.

More info


  1. Hacker Techniques Tools And Incident Handling
  2. Hacking Tools For Windows Free Download
  3. Hack Rom Tools
  4. Hacker Tools List
  5. Physical Pentest Tools
  6. Hacker Tools Online
  7. Tools For Hacker
  8. Wifi Hacker Tools For Windows
  9. Hack Tools Download
  10. Nsa Hacker Tools
  11. Hacking Tools Usb
  12. Hack Tool Apk
  13. Wifi Hacker Tools For Windows
  14. Hack Tool Apk No Root
  15. Hacker Tools 2020
  16. Hack Tool Apk
  17. Hacker Tools For Windows
  18. Usb Pentest Tools
  19. Pentest Tools Nmap
  20. Nsa Hack Tools
  21. Hacker Search Tools
  22. Hack Tools For Games
  23. Hacking Tools Windows
  24. Pentest Tools Kali Linux
  25. Hacking Tools Software
  26. Hacking Tools Name
  27. Easy Hack Tools
  28. Hackrf Tools
  29. Pentest Tools Subdomain
  30. Hack Tools Pc
  31. Hack Tools 2019
  32. Pentest Tools Find Subdomains
  33. Free Pentest Tools For Windows
  34. Hacker Tools 2019
  35. Hacking App
  36. Hacking Tools 2019
  37. Pentest Tools Framework
  38. Hacking Tools For Windows 7
  39. Bluetooth Hacking Tools Kali
  40. Hacking Tools For Kali Linux
  41. Blackhat Hacker Tools
  42. Pentest Tools Alternative
  43. Hacker Tools 2019
  44. Hacking Tools Download
  45. Hacking Tools Software
  46. Hacking Tools Windows
  47. Game Hacking
  48. Computer Hacker
  49. Hacking Tools Mac
  50. Pentest Tools Alternative
  51. Hak5 Tools
  52. Hack Tools Online
  53. Pentest Tools Framework
  54. Pentest Tools Free
  55. Pentest Tools Windows
  56. Hacker Tools Software
  57. Pentest Tools Android
  58. Pentest Tools For Windows
  59. Hacking Tools Github
  60. Hack Tools
  61. Hacking App
Posted by at No comments:

Exploiting Golang Unsafe Pointers


There are situations when c interacts with golang for example in a library, and its possible to exploit a golang function writing raw memory using an unsafe.Pointer() parameter.

When golang receive a null terminated string on a *C.Char parameter, can be converted to golang s tring with  s2 := C.GoString(s1) we can do string operations with s2 safelly if the null byte is there.

When golang receives a pointer to a buffer on an unsafe.Pointer() and the length of the buffer on a C.int, if the length is not cheated can be converted to a []byte safelly with b := C.GoBytes(buf,sz)

Buuut what happens if golang receives a pointer to a buffer on an unsafe.Pointer() and is an OUT variable? the golang routine has to write on this pointer unsafelly for example we can create a golangs memcpy in the following way:



We convert to uintptr for indexing the pointer and then convert again to pointer casted to a byte pointer dereferenced and every byte is writed in this way.

If b is controlled, the memory can be written and the return pointer of main.main or whatever function can be modified.

https://play.golang.org/p/HppcVpLfuMf


The return addres can be pinpointed, for example 0x41 buffer 0x42 address:



We can reproduce it simulating the buffer from golang in this way:


we can dump the address of a function and redirect the execution to it:


https://play.golang.org/p/7htJHJp8gUJ

In this way it's possible to build a rop chain using golang runtime to unprotect a shellcode.

Related news


  1. Pentest Tools Website
  2. Hacking Tools Software
  3. Pentest Recon Tools
  4. Pentest Box Tools Download
  5. Bluetooth Hacking Tools Kali
  6. Hacking Tools Pc
  7. Hacking App
  8. Best Hacking Tools 2019
  9. Hacker Tools Free Download
  10. Hacker Tools For Ios
  11. Hack App
  12. Best Hacking Tools 2019
  13. Hacking Tools For Pc
  14. Hacker Tools Free Download
  15. Hacker Tools For Windows
  16. Hack App
  17. Pentest Tools Framework
  18. Hacking Tools Pc
  19. Pentest Tools Kali Linux
  20. Blackhat Hacker Tools
  21. Pentest Tools Subdomain
  22. Hacker Tools Software
  23. Hacking Tools Usb
  24. Hacker Tools For Windows
  25. Hack Tools 2019
  26. Hacker Tools Apk Download
  27. Hacking App
  28. Pentest Tools Find Subdomains
  29. Hack Apps
  30. World No 1 Hacker Software
  31. Hack App
  32. Hack Tools Download
  33. What Is Hacking Tools
  34. Hacking Tools For Pc
  35. Hack Tools
  36. Hacker Tools For Windows
  37. Pentest Tools Review
  38. Pentest Tools For Mac
  39. Computer Hacker
  40. Hacking Tools 2020
  41. Hack Website Online Tool
  42. Pentest Tools Download
  43. Hacker Tools 2020
  44. Easy Hack Tools
  45. Hacker Tools
  46. Hacking Tools Windows 10
  47. Physical Pentest Tools
  48. Pentest Tools
  49. Pentest Tools Apk
  50. Hacker Tools For Mac
  51. Pentest Tools List
  52. New Hacker Tools
  53. Hacker Tools Mac
  54. How To Hack
  55. Pentest Tools List
  56. Pentest Tools Bluekeep
  57. Hack Tools For Games
  58. How To Hack
  59. Hacker Tools For Windows
  60. Hack Tools For Ubuntu
  61. Hack Tools
  62. Underground Hacker Sites
  63. Easy Hack Tools
  64. Pentest Tools Free
  65. Hacking Tools And Software
  66. Pentest Tools Alternative
  67. Hacking Tools Windows
  68. Free Pentest Tools For Windows
  69. Hacking App
  70. New Hack Tools
  71. Hacking Apps
  72. Hacking App
  73. Hacker Tools Software
  74. Hacking Tools Kit
  75. Pentest Tools Alternative
  76. Hack Tools
  77. Underground Hacker Sites
  78. Best Hacking Tools 2020
  79. New Hack Tools
  80. Hackrf Tools
  81. Hacks And Tools
  82. Pentest Tools Bluekeep
  83. Hacking Tools And Software
  84. Hacking Tools For Windows 7
  85. Growth Hacker Tools
  86. Pentest Tools
  87. Hacker Tools For Windows
  88. Hacker Tools
  89. Hacker Search Tools
  90. Pentest Tools For Android
  91. Hacking Tools For Windows Free Download
  92. Pentest Tools Tcp Port Scanner
  93. Hack Apps
  94. Pentest Tools Open Source
Posted by at No comments:

Tuesday, May 30, 2023

Hackerhubb.blogspot.com

Hackerhubb.blogspot.com
More articles

  1. Hack Tools Download
  2. Android Hack Tools Github
  3. Pentest Tools Framework
  4. Pentest Tools Find Subdomains
  5. Black Hat Hacker Tools
  6. Hacker Tools For Mac
  7. What Are Hacking Tools
  8. Hacker Tools Apk
  9. Pentest Tools Website Vulnerability
  10. Pentest Tools Apk
  11. Hacking Tools For Games
  12. New Hack Tools
  13. Hacker Tools Free Download
  14. Pentest Tools
  15. Pentest Tools For Ubuntu
  16. Pentest Tools Apk
  17. Pentest Tools Windows
  18. Nsa Hack Tools
  19. Pentest Tools Online
  20. Pentest Tools Download
  21. Hacking Tools Windows
  22. Hacker Tools For Mac
  23. Nsa Hack Tools Download
  24. New Hacker Tools
  25. Pentest Tools For Ubuntu
  26. Hacker Techniques Tools And Incident Handling
  27. Hack Tools For Games
  28. Pentest Tools Bluekeep
  29. Underground Hacker Sites
  30. Pentest Tools
  31. Nsa Hack Tools
  32. Pentest Tools Nmap
  33. Hacking Tools For Mac
  34. Hack Website Online Tool
  35. Hacker Tools Free Download
  36. Pentest Tools For Android
  37. Pentest Tools Framework
  38. Easy Hack Tools
  39. Hacking Tools Windows
  40. Hacker Tools Free Download
  41. Hak5 Tools
  42. Hack Tools For Mac
  43. Pentest Tools Free
  44. Game Hacking
  45. Hacking Tools Mac
  46. Hacker Tools List
  47. Tools Used For Hacking
  48. Underground Hacker Sites
  49. Hacker Tools List
  50. Hacking Tools 2019
  51. Hacking Tools Pc
  52. Hacker
  53. Pentest Tools Tcp Port Scanner
  54. Hack Tools Download
  55. Wifi Hacker Tools For Windows
  56. How To Make Hacking Tools
  57. Hack Tools
  58. Nsa Hack Tools
  59. Pentest Tools Website
  60. Usb Pentest Tools
  61. Hacking Apps
  62. Hacker Tools For Pc
  63. Hacking Tools For Windows 7
  64. Hacking Tools Hardware
  65. Pentest Tools Open Source
  66. Free Pentest Tools For Windows
  67. Pentest Tools Url Fuzzer
  68. Pentest Tools Alternative
  69. Bluetooth Hacking Tools Kali
  70. World No 1 Hacker Software
  71. Hacker Tools Hardware
  72. Computer Hacker
  73. Hacking Tools For Mac
  74. Pentest Tools List
  75. Hacker Tools 2020
  76. Pentest Automation Tools
  77. Hacking Tools For Kali Linux
  78. Beginner Hacker Tools
  79. What Is Hacking Tools
  80. What Is Hacking Tools
  81. Hacking Tools Github
  82. New Hacker Tools
  83. Hacker Tools
  84. Hacker Security Tools
  85. Hacker Techniques Tools And Incident Handling
  86. Easy Hack Tools
  87. Hacking Tools Online
  88. Nsa Hacker Tools
  89. Underground Hacker Sites
  90. Hack Apps
  91. Physical Pentest Tools
  92. Hack Tools Online
  93. Hacker Tools Hardware
  94. Hacking Tools For Windows
  95. Pentest Tools Open Source
  96. Hacking Tools Kit
  97. Tools 4 Hack
  98. Tools Used For Hacking
  99. Hacker Tools Mac
  100. Hacker Tools For Mac
  101. Hacking Tools Kit
  102. Pentest Tools Android
  103. Hack Tools
  104. Wifi Hacker Tools For Windows
  105. Hacking Tools For Mac
  106. Top Pentest Tools
  107. Install Pentest Tools Ubuntu
  108. Hack Tools For Ubuntu
  109. Pentest Recon Tools
  110. Pentest Tools Windows
  111. Hack Tools
  112. Hack Tools Github
  113. Hacking Tools Mac
  114. New Hack Tools
  115. Hackrf Tools
  116. How To Make Hacking Tools
  117. Easy Hack Tools
  118. Hack Tool Apk
  119. Pentest Tools For Android
  120. Hack Tool Apk No Root
  121. Hack Apps
  122. Pentest Tools
  123. Hacker Tools Hardware
  124. Hack Tools For Ubuntu
  125. Hacking Tools 2019
  126. Best Hacking Tools 2019
  127. Pentest Tools Framework
  128. Hacker Tools Apk Download
  129. Pentest Tools Framework
  130. New Hack Tools
  131. Hacks And Tools
  132. Hacking Tools Online
  133. Hack Tools Pc
  134. Hacker Tools 2019
  135. Hacker Tools Windows
  136. Hack Apps
  137. Pentest Tools
  138. Hacking Tools Github
  139. Hack Tools
  140. Wifi Hacker Tools For Windows
  141. Top Pentest Tools
  142. Hacking App
  143. Hacker Tools For Windows
  144. Pentest Recon Tools
  145. Hacker Tools For Pc
  146. Hacker Tools Free Download
  147. Pentest Tools Review
  148. Hacking Tools For Windows Free Download
  149. Growth Hacker Tools
  150. Pentest Tools Port Scanner
  151. Hacker Tool Kit
  152. Hacking Tools Hardware
  153. Pentest Tools For Android
  154. Hacking Tools Free Download
Posted by at No comments:

TLS V1.2 Sigalgs Remote Crash (CVE-2015-0291)


OpenSSL 1.0.2a fix several security issues, one of them let crash TLSv1.2 based services remotelly from internet.


Regarding to the TLSv1.2 RFC,  this version of TLS provides a "signature_algorithms" extension for the client_hello. 

Data Structures
If a bad signature is sent after the renegotiation, the structure will be corrupted, becouse structure pointer:
s->c->shared_sigalgs will be NULL, and the number of algorithms:
s->c->shared_sigalgslen will not be zeroed.
Which will be interpreted as one algorithm to process, but the pointer points to 0x00 address. 


Then tls1_process_sigalgs() will try to process one signature algorithm (becouse of shared_sigalgslen=1) then sigptr will be pointer to c->shared_sigalgs (NULL) and then will try to derreference sigptr->rhash. 


This mean a Segmentation Fault in  tls1_process_sigalgs() function, and called by tls1_set_server_sigalgs() with is called from ssl3_client_hello() as the stack trace shows.




StackTrace

The following code, points sigptr to null and try to read sigptr->rsign, which is assembled as movzbl eax,  byte ptr [0x0+R12] note in register window that R12 is 0x00

Debugger in the crash point.


radare2 static decompiled


The patch fix the vulnerability zeroing the sigalgslen.
Get  David A. Ramos' proof of concept exploit here





More information
  1. Hacker Tools Mac
  2. Hacking Tools Free Download
  3. Hacker Tools Apk Download
  4. Hacking Tools Kit
  5. Hack Tool Apk
  6. Hacking Tools For Beginners
  7. New Hack Tools
  8. Hack Tools Download
  9. Hacking Tools Windows 10
  10. Hack Tool Apk No Root
  11. Nsa Hacker Tools
  12. New Hacker Tools
  13. Nsa Hack Tools Download
  14. Hacks And Tools
  15. Hack Tools Download
  16. Hacker Tools Apk
  17. Pentest Tools Tcp Port Scanner
  18. How To Hack
  19. Tools 4 Hack
  20. Pentest Tools For Ubuntu
  21. Pentest Tools Subdomain
  22. Hackrf Tools
  23. Hacking App
  24. Hacker Tools For Mac
  25. Pentest Tools Android
  26. Pentest Tools Open Source
  27. Pentest Tools Website
  28. What Are Hacking Tools
  29. Hacking Tools For Beginners
  30. Hack Tools Github
  31. Pentest Tools For Mac
  32. Hacking Tools Usb
  33. Hack Tools
  34. Pentest Tools Tcp Port Scanner
  35. Top Pentest Tools
  36. Pentest Tools Linux
  37. Hacking Tools For Kali Linux
  38. Best Hacking Tools 2019
  39. Free Pentest Tools For Windows
  40. Hacking Tools For Beginners
  41. Free Pentest Tools For Windows
  42. Pentest Tools Kali Linux
  43. Pentest Tools Find Subdomains
  44. Hack Rom Tools
  45. New Hacker Tools
  46. What Is Hacking Tools
  47. Hack Tools For Pc
  48. Hack Tools For Pc
  49. Tools For Hacker
  50. Hacker Tools Windows
  51. Wifi Hacker Tools For Windows
  52. Pentest Tools Linux
  53. Physical Pentest Tools
  54. New Hack Tools
  55. Hacker Search Tools
  56. Pentest Tools Windows
  57. Hacker Tools Free Download
  58. Hacking Tools For Windows 7
  59. Hack Tools Pc
  60. Blackhat Hacker Tools
  61. Hacking Tools Kit
  62. Hack Tool Apk No Root
  63. Hacking Tools For Mac
  64. Hacker Tools Mac
  65. How To Make Hacking Tools
  66. Tools For Hacker
  67. What Are Hacking Tools
  68. Hacker Tools Linux
  69. Hacker
  70. Nsa Hack Tools
  71. Pentest Tools Alternative
  72. Hacking Tools Name
  73. Kik Hack Tools
  74. Nsa Hack Tools
  75. Computer Hacker
  76. Hacker Tools Apk Download
  77. How To Install Pentest Tools In Ubuntu
  78. Pentest Tools For Ubuntu
  79. Hacker Tools Online
  80. Beginner Hacker Tools
  81. Pentest Tools Github
  82. Nsa Hack Tools
  83. How To Make Hacking Tools
  84. Hacking Tools Free Download
  85. Android Hack Tools Github
  86. Pentest Tools Subdomain
  87. Pentest Tools Review
  88. Beginner Hacker Tools
  89. Hacking Tools For Games
  90. Tools Used For Hacking
  91. Pentest Tools Subdomain
  92. Hacking Tools Download
  93. Pentest Tools Linux
  94. Easy Hack Tools
  95. Game Hacking
  96. Hacker Tools Linux
  97. Pentest Tools Kali Linux
  98. Hackers Toolbox
  99. Hacking Tools Pc
  100. Hacker Tools For Pc
  101. Hacking App
  102. Hacker Tools Online
  103. Hacking Tools Windows
  104. Hack Tools Online
  105. Hack Tools 2019
  106. World No 1 Hacker Software
  107. Install Pentest Tools Ubuntu
  108. Android Hack Tools Github
  109. Pentest Tools Kali Linux
  110. Pentest Tools Linux
  111. Hack Tools Download
  112. Hack Website Online Tool
  113. Pentest Tools Download
  114. Hack Rom Tools
  115. Hack Tools Download
  116. Pentest Tools For Android
  117. Hacker Search Tools
  118. Pentest Tools Find Subdomains
  119. Physical Pentest Tools
  120. Nsa Hack Tools
  121. Hack Rom Tools
  122. Nsa Hack Tools
  123. Hack Tools Pc
  124. Hacker Tools For Mac
  125. What Are Hacking Tools
  126. World No 1 Hacker Software
  127. Hacking Tools Kit
  128. Hacking Tools For Windows 7
  129. Pentest Tools Website
  130. Github Hacking Tools
  131. Growth Hacker Tools
  132. Hack App
  133. Hacking Tools Hardware
  134. Hacking Tools For Windows Free Download
  135. Hacker Tools Free Download
  136. Hack Tool Apk
  137. Hacking Tools Mac
  138. Hacking Tools For Beginners
  139. Hacker Search Tools
  140. Hacker Tools Online
  141. Wifi Hacker Tools For Windows
  142. Hackers Toolbox
  143. Hacking Tools Download
  144. Hack Tools Mac
  145. Hacking Tools Name
  146. Hacking Tools For Windows 7
  147. Hack And Tools
  148. Nsa Hack Tools Download
  149. Growth Hacker Tools
  150. What Is Hacking Tools
  151. Hacking Tools Software
  152. Best Hacking Tools 2019
  153. Hacking Tools For Mac
  154. Pentest Tools Tcp Port Scanner
  155. Pentest Tools Online
  156. Hacker
  157. New Hack Tools
  158. Nsa Hack Tools
  159. Easy Hack Tools
  160. Hacker Tools Software
  161. Beginner Hacker Tools
  162. Hacking Tools Kit
  163. Hack Tool Apk
  164. What Are Hacking Tools
  165. Hack And Tools
  166. Hacking Tools For Windows 7
  167. Hackers Toolbox
  168. Usb Pentest Tools
  169. Hacking Tools Software
  170. Hacking Tools For Windows
  171. Hacker Tools Software
Posted by at No comments:
Subscribe to: Posts (Atom)