Infosec Chunks is a weekly newsletter that highlights recent hacking news, bug bounty tips, security tools and interesting security articles for ethical hackers, penetration testers, and information security professionals.
It gives a high-level executive overview of the most important information security articles released in the last week. Each item is summarized and includes a reference to more detailed information on the web.
Improve Your Hacking Skills Using Devtools
Did you ever wonder how to use devtools on the browser to find more legitimate vulnerabilities? DevTools is a set of web developer tools built directly into the browser.
The video below explains some browser DevTools tricks to improve your bug bounty game.
HTTP Request Smuggling in Zomato
Account takeover vulnerability using HTTP Request Smuggling and Desync attacks, through Akamai en route to Zomato. An attacker can achieve victim session takeover in bulk and steal all information from the victim.
This was happening at the AKAMAI level, where the requests were getting poisoned, which led to the issue, and ideally those requests never reached our backend servers.
How I was able to change victim’s password using IDN Homograph Attack
- Open the burp collaborator client > Generate Collaborator payload.
- Go to the sign-up page of target.com and create a new account with email- firstname.lastname@example.org.
- Now if the target.com has email confirmation > you will receive the email confirmation link in burp collaborator client > verify the email.
- Go to password reset page of target.com > enter email as abc@gmáil.com.burpcollaboratorpayloadhere
- If the target.com is vulnerable then it will send password reset link to the mail- abc@xn--gmil-6na.com.burpcollaboratorpayloadhere and you will receive the password reset link in burp collaborator client. Make sure to check in burp collaborator client - received email details: To- abc@xn--gmil-6na.com.burpcollaboratorpayloadhere.
- Now you can change the password and access the victim’s account.
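The flaw in the steps above, seen from the application side, as an added example that is not code from the original write-up: it assumes the cause is an accent-insensitive account lookup followed by mailing the address taken from the request. The account store and all function names are hypothetical.

```python
import unicodedata

# Constructed account store (sample data): canonical address -> user id.
ACCOUNTS = {"abc@gmail.com": 1001}

def canonical(addr):
    """Lower-case the address and convert the domain to ASCII A-labels (IDNA)."""
    local, _, domain = addr.strip().rpartition("@")
    if not local or not domain:
        raise ValueError("not an email address")
    ascii_domain = domain.encode("idna").decode("ascii").lower()
    return f"{local.lower()}@{ascii_domain}"

def fold_accents(s):
    """Hypothetical stand-in for an accent-insensitive comparison (lax collation)."""
    decomposed = unicodedata.normalize("NFKD", s)
    return "".join(c for c in decomposed if not unicodedata.combining(c)).lower()

def reset_recipient_weak(submitted):
    """Vulnerable pattern: fuzzy match, then mail the address taken from the request."""
    for stored in ACCOUNTS:
        if fold_accents(stored) == fold_accents(submitted):
            return submitted
    return None

def reset_recipient_hardened(submitted):
    """Exact match on the canonical form; the link only ever goes to the stored address."""
    try:
        key = canonical(submitted)
    except (ValueError, UnicodeError):
        return None
    return key if key in ACCOUNTS else None

if __name__ == "__main__":
    lookalike = "abc@gm\u00e1il.com"  # constructed input mirroring the steps above
    print(canonical(lookalike))
    print(reset_recipient_weak(lookalike))
    print(reset_recipient_hardened(lookalike))
    print(reset_recipient_hardened("ABC@Gmail.com"))
```

Comparing the IDNA-encoded domain keeps `gmáil.com` and `gmail.com` distinct, and returning the stored key means the reset link never goes to an address supplied in the request.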
Tweet of the Week
Remote Code Execution Vulnerability in Zoom Client for Windows
A vulnerability has been found in the Zoom video conferencing program that could allow an attacker to execute arbitrary code on a victim’s computer running Microsoft Windows 7 or older. A remote attacker can execute arbitrary code on a Windows computer where the Zoom Client is installed by getting the user to perform a typical action, such as opening a document file. No security warning is shown to the user during the attack.
Project Freta: Microsoft's Forensics and Rootkit Malware Detection Service
Project Freta is a free, cloud-based offering from the New Security Ventures (NSV) team at Microsoft Research that provides automated full-system volatile memory inspection of Linux systems. The service detects evidence of OS and sensor manipulation, such as rootkits and advanced malware, in memory snapshots of live Linux machines.
The Project Freta analysis engine consumes snapshots of whole-system Linux volatile memory and extracts an enumeration of system objects. Some kernel hooking identification is performed automatically; this can be used by analysts to detect novel rootkits. The analysis portal is available in prototype form for public use: https://freta.azurewebsites.net.