Infosec Chunks Weekly: Bug Bounty Tips, Security News & Tools

Infosec Chunks is a weekly newsletter that highlights recent hacking news, bug bounty tips, security tools and interesting security articles for ethical hackers, penetration testers, and information security professionals.
It gives a high-level executive overview of the most important information security articles released in the last week. Each item is summarized and contains a reference for detailed information on the web.

Bug Bounty

Improve Your Hacking Skills Using Devtools

Did you ever wonder how to use the browser's DevTools to find more legitimate vulnerabilities? DevTools is a set of web developer tools built directly into the browser.
The video below explains some DevTools browser tricks to enhance your bug bounty game.

Video: Improve Your Hacking Skills Using Devtools | Bug Bounty Tips

HTTP Request Smuggling in Zomato

An account takeover vulnerability using HTTP Request Smuggling and desync attacks, through Akamai en route to Zomato. An attacker can achieve victim session takeover in bulk and steal all information from the victims.
From Zomato's response: this was happening at the AKAMAI level, where the requests were getting poisoned, which led to the issue; ideally those requests never reached our backend servers.

Reference: https://hackerone.com/reports/771666

How I was able to change victim’s password using IDN Homograph Attack
  1. Open the Burp Collaborator client > Generate Collaborator payload.
  2. Go to the sign-up page of target.com and create a new account with the email abc@gmail.com.burpcollaboratorpayloadhere.
  3. If target.com has email confirmation, you will receive the email confirmation link in the Burp Collaborator client > verify the email.
  4. Go to the password reset page of target.com > enter the email as abc@gmáil.com.burpcollaboratorpayloadhere
  5. If target.com is vulnerable, it will send the password reset link to the mail abc@xn--gmil-6na.com.burpcollaboratorpayloadhere and you will receive the password reset link in the Burp Collaborator client. Make sure to check the received email details in the Burp Collaborator client: To: abc@xn--gmil-6na.com.burpcollaboratorpayloadhere.
  6. Now you can change the password and access the victim's account.
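The defensive counterpart of the steps above, as an added example that is not part of the original write-up: a password-reset handler must canonicalize the submitted address (Unicode normalization, lower-casing, IDNA/punycode conversion of the domain) and then send the reset mail only to the address stored on the account, never to the user-supplied string. The sample addresses, the `accounts` table and the function names are constructed for this illustration; the `xn--gmil-6na` label is the punycode form of `gmáil` quoted in the write-up.

```python
import unicodedata
from typing import Dict, Optional

# Constructed sample account store: canonical email -> account id.
ACCOUNTS: Dict[str, str] = {"abc@gmail.com": "user-1234"}


def canonical_email(address: str) -> str:
    """Return the address in the form that should be stored and compared.

    The local part is kept as typed; the domain is NFKC-normalised,
    lower-cased and converted to its ASCII (punycode) form with the
    standard-library IDNA codec, so 'gmáil.com' becomes 'xn--gmil-6na.com'.
    Raises ValueError on a malformed address.
    """
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"malformed email address: {address!r}")
    domain = unicodedata.normalize("NFKC", domain).lower()
    ascii_domain = domain.encode("idna").decode("ascii")
    return f"{local}@{ascii_domain}"


def domain_is_ascii(address: str) -> bool:
    """True when the domain contains only ASCII characters (no IDN label)."""
    _, _, domain = address.rpartition("@")
    return domain.isascii()


def reset_destination(requested: str, accounts: Dict[str, str],
                      allow_idn: bool = False) -> Optional[str]:
    """Decide where a password-reset mail for `requested` may be sent.

    Returns the *stored* address of the matching account, or None if the
    request must be refused. Because the lookup is by canonical form, a
    homograph domain never matches a Latin-only account, and the mail is
    addressed to the stored value rather than to what the user typed.
    """
    if not allow_idn and not domain_is_ascii(requested):
        return None  # policy: refuse IDN domains on the reset path entirely
    try:
        canonical = canonical_email(requested)
    except ValueError:
        return None
    return canonical if canonical in accounts else None


if __name__ == "__main__":
    for attempt in ("abc@gmail.com", "abc@gmáil.com", "abc@GMAIL.com"):
        print(f"{attempt!r:22} -> {reset_destination(attempt, ACCOUNTS)!r}")
```

With `allow_idn=False` the homograph address is rejected before any lookup; with `allow_idn=True` it is still refused, because its canonical form `abc@xn--gmil-6na.com` is not a registered account, and a site that legitimately serves IDN addresses must store them in the same canonical form so the comparison stays exact.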

Reference: https://medium.com/bugbountywriteup/how-i-was-able-to-change-victims-password-using-idn-homograph-attack-587111843aff

Tweet of the Week

Security Tools

JSMon: Automated JavaScript File Monitoring

JSMon is an online change monitoring tool for JavaScript files. It continuously fetches a given list of JavaScript files while keeping a database of all seen versions of those files. When a new version appears, JSMon saves the new version of the file and notifies the user via IM using the Telegram API. The notification includes a beautified diff, so that one can easily spot changes even in minified code.

Reference: https://github.com/robre/jsmon
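The core of the monitoring loop described above, as an added example that is not JSMon's own code: each fetched body is hashed, unseen versions are stored, and a unified diff of a beautified rendering is produced for the notifier. The fetcher is injected so the example runs offline against constructed script contents; the minimal `beautify` helper only breaks minified code at `;`, `{` and `}` (JSMon uses a real JavaScript beautifier), and the URL, contents and class names are assumptions.

```python
import difflib
import hashlib
import re
from typing import Callable, Dict, List, Optional, Set


def beautify(js: str) -> str:
    """Line-oriented rendering of minified JS so that diffs show one
    statement per line. Simplified stand-in for a real beautifier."""
    return re.sub(r"([;{}])", r"\1\n", js).strip() + "\n"


class JsMonitor:
    """Keeps every seen version of each watched URL and reports changes."""

    def __init__(self, fetch: Callable[[str], str]):
        self.fetch = fetch                      # url -> response body
        self.versions: Dict[str, List[str]] = {}  # url -> bodies, oldest first
        self.seen: Dict[str, Set[str]] = {}       # url -> sha256 of each body

    def check(self, url: str) -> Optional[str]:
        """Fetch `url` once. Returns None when the body is a known version,
        '' when it is the first version ever seen (baseline, nothing to
        notify), or a unified diff against the previous version otherwise."""
        body = self.fetch(url)
        digest = hashlib.sha256(body.encode("utf-8")).hexdigest()
        seen = self.seen.setdefault(url, set())
        history = self.versions.setdefault(url, [])
        if digest in seen:
            return None
        seen.add(digest)
        history.append(body)
        if len(history) == 1:
            return ""
        old, new = history[-2], history[-1]
        diff = difflib.unified_diff(
            beautify(old).splitlines(keepends=True),
            beautify(new).splitlines(keepends=True),
            fromfile=f"{url} (version {len(history) - 1})",
            tofile=f"{url} (version {len(history)})",
        )
        return "".join(diff)


# Constructed script contents standing in for two deployments of one file.
SCRIPT_V1 = 'function login(u,p){return fetch("/api/v1/login",{method:"POST"})}'
SCRIPT_V2 = ('function login(u,p){return fetch("/api/v2/login",{method:"POST"})}'
             'function exportAll(){return fetch("/api/internal/export")}')


def run_scenario() -> List[Optional[str]]:
    """Simulate three polls: baseline, unchanged, then a new deployment."""
    url = "https://example.test/static/app.js"   # constructed, not a real host
    current = {"body": SCRIPT_V1}
    monitor = JsMonitor(lambda _u: current["body"])
    results = [monitor.check(url), monitor.check(url)]
    current["body"] = SCRIPT_V2
    results.append(monitor.check(url))
    return results


if __name__ == "__main__":
    for outcome in run_scenario():
        print("unchanged" if outcome is None else outcome or "baseline stored")
```

In a real deployment `fetch` would be an HTTP client and the returned diff would be handed to the notifier; keeping the hash set per URL means an old version that is re-served (a rollback) is recognised rather than reported as new.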

Security News

Remote Code Execution Vulnerability in Zoom Client for Windows

A vulnerability has been found in the Zoom video conferencing client that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. The vulnerability allows a remote attacker to execute arbitrary code on a user's computer where the Zoom Client for Windows is installed by making the user perform some typical action such as opening a document file. During the course of the attack, no security warning is given to the user.

Reference: https://blog.0patch.com/2020/07/remote-code-execution-vulnerability-in.html

Project Freta: Microsoft's Forensics and Rootkit Malware Detection Service

Project Freta is a free, cloud-based offering from the New Security Ventures (NSV) team at Microsoft Research that provides automated full-system volatile memory inspection of Linux systems. The service detects evidence of OS and sensor manipulation, such as rootkits and advanced malware, in memory snapshots of live Linux machines.

The Project Freta analysis engine consumes snapshots of whole-system Linux volatile memory and extracts an enumeration of system objects. Some kernel hooking identification is performed automatically; this can be used by analysts to detect novel rootkits. The analysis portal is available in prototype form for public use: https://freta.azurewebsites.net.

Reference: https://docs.microsoft.com/en-gb/security/research/project-freta/
