Fun & Profit with Bug Bounties - Madhu Akula, Null - Dharamshala

Upload: nu-the-open-security-community

Post on 17-Aug-2014


Description: null Dharamshala Chapter - July 2014 Meet

Transcript

Page 1: Fun & profit with bug bounties

Fun & Profit with Bug Bounties

- Madhu Akula

Null - Dharamshala

Page 2

About Me!

root@localhost:~# whoami

Madhu Akula

Information Security Enthusiast

[email protected]

www.madhuakula.com

in.linkedin.com/in/madhuakula

fb.com/madhu.akula

twitter.com/madhuakula

Page 3

Agenda

What bug bounties are and how to start

&

My experience with bug bounties...

Page 4

What is a bug bounty?

Vendor:

● Create a program

● Offer HOF (Hall of Fame), swag or a reward, or mark the report as a duplicate

● Get all the vulnerabilities and fix them ASAP!

● Make products and applications secure

Researcher:

● Find vulnerabilities in the target

● Get mostly duplicates :P

● Otherwise HOF, swag or reward!

● Share on social networks

Page 5

History...

https://blog.crowdcurity.com/the-history-of-bug-bounty-programs/

Page 6

Who is eligible?

● Are you able to p0p up

Page 7

Where to find the list?

● Here you go...

Page 8

How to start?

● Learn how things work

● OWASP is our home for learning web application security

● Do your homework with Broken Web Apps

● Then apply what you learn!

Start sending your requests until you get the response :)

Page 9

How to start?

● Your main resource for bug bounties is gathering Proofs of Concept (PoCs)!

● Checking blogs for write-ups

● Adding bug hunters to your friends list to get PoCs as well as new programs :p

● Checking for new vulnerabilities

site:hackerone.com/reports/

Page 10

How to start?

● Take one site from the list of sites

● Check your luck with new sites

● Then map the target's attack surface

● Check for OWASP vulnerabilities as the first priority

● Check for other types of vulnerabilities too

● Then get HOF, swag and $$$$

Page 11

Common checks!

● Cross Site Scripting

● Cross Site Request Forgery

● Injections

● Authentication and Session Mechanism

● Remote Code Execution

● Other...

Page 12

Resources

Mozilla (Firefox) and add-ons

● Live HTTP Headers

● Tamper Data

● Wappalyzer

● FoxyProxy

● Firebug

● HackBar

● User switcher

● Others...

Writing custom scripts will give you better and quicker results.

searchdns.netcraft.com, www.wolframalpha.com - for finding subdomains!

Keep ready-made report templates so you can be the first person to report!

Finally, use https://pentest-tools.com

Proxies

● Burp

● OWASP ZAP

● Any other

Search Engine Discovery

Google, Shodan, Bing, other

Open Source

● IronWASP

● Xenotix

● Many more...

Bye bye to scanners!

Page 13

My Experience with Bug Bounties!

Started with Duplicates...

Didn't know what bug hunting was (n00b)

Page 14

Digging in deep!

● Only one target: find bugs until you are the first person to find one!

● Once you are the first person, if there is any reward, try more until you are listed in the top members...

Page 15

After...

Many More...

Page 18

The End!

● It's enough

● Realised that I was wasting 2 hrs every day

● Luck is the best kick for duplicates

● Started as a noob and got some experience with app security

● Good friends on social networks

● Then started contributing to Open Source and got some CVEs:

CVE-2014-4329, CVE-2014-4722, CVE-2014-4853

Page 19

Conclusion

Bug bounties are not only for rewards or fame. You will learn about new attacks and exploitation techniques by playing with other applications.

Page 20

Demos & PoCs

Page 21

Walk-Through!

Page 22

Special Thanks!

http://null.co.in

fb.com/null0x00

twitter.com/null0x00