
Sunday 28 December 2014

Private Bug Bounty Programs 2015






Bug Bounty (wikipedia)
A bug bounty program is a deal offered by many website and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.







Bug Bounty Guide:
  1. Learn and study all the common attack types, such as XSS, SQL injection, RFI, LFI and others. Remember that hacking and vulnerability assessment are not the same thing. To be a good bug bounty hunter you must know how a vulnerability is created and what mistake in the code creates it. That helps you work out where vulnerabilities may exist.
  2. Find out which companies or websites run a bug bounty program. Searching Google will give you a list of them, e.g. Bug Bounty Program websites.
  3. Using vulnerability assessment tools or a vulnerability scanner is not a good way to become a good bug bounty hunter. You should use your brain, not software.
  4. If your target is a big website, try to find the subdomains of that website. It will be easier to do a vulnerability assessment on them. Before that, read the program's terms and conditions to know whether subdomains are in scope for the bounty.
  5. After your vulnerability assessment, write a detailed report with a POC for the vulnerabilities you have found. In your report you must highlight what kind of vulnerability it is and what the negative impact would be if it were found by an offensive hacker.
  6. After submitting your report, wait for the reply. Disclosing the vulnerability before they reply is not good for your reputation.

Thanks for reading this article. If you need any information, feel free to comment below.



Friday 26 December 2014

How to Hack WPA/WPA2 WIFI Passwords in 3 Steps [2014/2015 , pin ]

Reaver Wi-Fi tutorial (2014/2015): how the WPS PIN of a WPA/WPA2-protected network is cracked with Reaver on Kali Linux / BackTrack 5.



 How to Hack/Crack Wifi Password?

One useful method of Wi-Fi cracking is covered here. Today you will learn how to crack a Wi-Fi password through WPS (push button).
You will learn how to crack a WPA/WPA2-protected Wi-Fi password on a network that has WPS (push button) enabled.

What is Reaver ? 
Reaver is Linux-based software that brute-forces the WPS PIN of a router that has WPS / push button enabled. It comes preloaded with Kali Linux.

What is Push Button or WPS ?
WPS (push button) is an option that comes with many routers and modems: when connecting to a network, you can avoid entering a password and simply connect by pressing a button on your modem or router.

What You Will Need To Perform This Attack ?


  • WPS ( Push Button ) Enabled WIFI Network in Range 
  • Wireless Adapter 
  • Kali Linux OS 

Get Started 

Start Your Kali Linux OS and open terminal

1. Turn on your monitor interface by typing the command below
airmon-ng start wlan0


2. Check whether there is any WPS-enabled Wi-Fi network in range.
To check for WPS-enabled networks we will use the wash command. Type the command below and it will list all networks that have WPS enabled.

wash -i mon0 -C
This will display all networks that have WPS enabled. Choose a network with a strong signal and copy its BSSID.

3. Start Cracking by typing the below command

 reaver -i mon0 -b BSSID -vv



In the command "reaver -i mon0 -b BSSID -vv", replace BSSID with the BSSID you copied in the previous step, then wait. This takes a long time, even 3-5 hours, depending on the router's PIN code, which Reaver brute-forces. If the PIN matches, it will crack the password and display it.



How You can protect yourself from this attack ? 

As a security researcher, my opinion is that for security reasons you should just disable the WPS option on the device. If you really want to enable it, then create a hard custom PIN, as many routers come with a default PIN code which Reaver can easily crack.

Note: this is only for educational purposes, so don't use it for negative work.
We are not responsible for anything.







Sunday 14 December 2014

Logout Cross site Request Forgery CSRF Vulnerability [worth bug 250$ ]



CSRF LOGOUT IMPACT :


You should protect your logout mechanism against CSRF. At first it seems that all an attacker can do is log the user out, which would be annoying at worst. However, if you combine this with a phishing attack, the attacker may be able to entice the victim to log in again using the attacker's own form and then capture the credentials. The scenario is very sketchy, but protecting against this sort of attack costs little.
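The protection mentioned above, as an added example that is not code from the reported website: a logout handler that changes state on any request, beside one that requires POST plus a token bound to the session. The in-memory session store, the function names and the csrf_token form field are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (assumption)
SESSIONS = {}                         # session id -> username (toy in-memory store)


def csrf_token_for(session_id):
    """Token is an HMAC of the session id, so it needs no extra storage."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def login(username):
    """Create a session; the token is embedded in the site's own logout form."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = username
    return sid, csrf_token_for(sid)


def logout_vulnerable(method, session_id, form):
    """Ends the session on any request that carries the cookie, so a request
    triggered from another site logs the user out."""
    SESSIONS.pop(session_id, None)
    return 302


def logout_hardened(method, session_id, form):
    """Only a POST carrying this session's own token ends the session."""
    if method != "POST":
        return 405  # no state change on GET, which images and links can trigger
    if session_id not in SESSIONS:
        return 401
    supplied = form.get("csrf_token", "").encode()
    expected = csrf_token_for(session_id).encode()
    if not hmac.compare_digest(supplied, expected):
        return 403  # cross-site forms cannot read the token, so they fail here
    del SESSIONS[session_id]
    return 302
```

Setting SameSite=Lax or Strict on the session cookie is a complementary control, since the browser then omits the cookie from cross-site POSTs.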



LOGOUT CSRF POC :





Overview:

Hello, this is Abdul Haq Khokhar. I am an independent security researcher, and I recently found a vulnerability in a website (private program) on hackerone.com. I don't want to disclose the website because my report is still Triaged (12-12-2014) and the security team is fixing it now.

The vulnerability was really simple, as I have shown in the POC screenshot below. I was testing for this vulnerability for the first time, so I tried it on this website and got a shocking response from the website.


BUG : Logout CSRF (Cross-Site Request Forgery)


POC Code :
Already shown in POC Screenshot above .

Reporter : Abdul Haq Khokhar

After Reading the Response from Security team :

Reward :
250$





I hope you enjoyed this article, and hopefully you guys will try this bug on other websites too :-D

             

“Let him who would enjoy a good future waste none of his present.”
Roger Babson








How to find Vulnerability in Website [2015,tools,top10 bugs]



How to Find Vulnerable Websites :

Website security is a major problem today and should be a priority for any organization or webmaster. Nowadays hackers concentrate a lot of their efforts on finding holes in web applications. If you are a website owner with a high page rank and high traffic, there is a chance that you might become a victim of these hackers. A few years back there were no proper tools to search for vulnerabilities, but nowadays there are tons of tools available through which even a newbie can find a vulnerable site and start hacking.



General Method Used for Website Hacking:

There are many methods that can be used to hack a website, but the most general and common ones are as follows:
1. SQL Injection
2. XSS (Cross-Site Scripting)
3. Remote File Inclusion (RFI)
4. Directory Traversal attack
5. Local File Inclusion (LFI)
6. DDoS attack



Tools commonly used to find vulnerabilities in a website:

 

Acunetix:

Acunetix is the best tool for finding vulnerabilities, and I use it for many purposes myself. It is one of my favorite tools for finding a vulnerability in any web application. It automatically checks your web applications for SQL injection, XSS and other web vulnerabilities.





Download Here :

Download Acunetix Web Security Scanner 



Nessus:

Nessus is the best Unix vulnerability testing tool and among the best to run on Windows. Key features of this software include remote and local file security checks, a client/server architecture with a GTK graphical interface, etc.




Download Here :

Download Nessus from the link below :
http://www.nessus.org/download


Metasploit Framework :
The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.

Download Metasploit (for Windows users) from the link below:
http://www.metasploit.com/releases/framework-3.2.exe


Download Metasploit (for Linux users) from the link below:
http://www.metasploit.com/releases/framework-3.2.tar.gz



Thanks for Reading and do comment if you want any help.

Wednesday 3 December 2014

Full path disclosure at ads.twitter.com [Vulnerability , Reward 140$]



Vulnerability found in ads.twitter.com
Recently an independent security researcher found a vulnerability in Twitter. It was a really simple vulnerability, but we can say it is all about eagle eyes.

Twitter Vulnerability Description:
I noticed a small information disclosure (full path disclosure) on ads.twitter.com.




Steps to Reproduce a Vulnerability/Bug :


  1. Log in to ads.twitter.com
  2. Start to create a new twitter-follower campaign
  3. Choose to upload a new picture
  4. Turn on your intercepting proxy
  5. Upload a file
  6. You should notice a request to your log facility.


GET /accounts/18ce53wparq/log?v=0.9&u=https%3A%2F%2Fads.twitter.com%2Faccounts%2Fxxxx%2Fcampaigns%2Fnew_objective%2Ffollowers%3Fsource%3Dobjective_picker&rt.start=cookie&r=https%3A%2F%2Fads.twitter.com%2Faccounts%2Fxxxxx%2Fcampaigns%2Fnew&timers=&events=ads%3Afollowers%3Acreative%3A%3A%3Aenter HTTP/1.1
Host: ads.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://ads.twitter.com/accounts/xxxxx/campaigns/new_objective/followers?source=objective_picker
Cookie: [COOKIES]
Connection: keep-alive
 
 
The response will contain something like this: 

x-sendfile: /var/lib/mesos/slaves/201403042312-2230002186-5050-50082-705/frameworks/201104070004-0000002563-0000/executors/thermos-1409696851527-revenue_web-prod-ads-36-d76baad3-5634-4141-ab52-478be9ecab97/runs/e09cc5ea-77f8-4729-afd1-0045b2a772c5/sandbox/app/assets/images/blank.gif


More Info :

As you can see, this discloses a full path to a resource. This information could be used in further attack scenarios like LFI or RCE. 
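A check for this class of leak, as an added example that is not part of the original report: it scans response headers for file-offload headers such as the x-sendfile above, and for values that look like absolute server paths. The function names, the sample response and the X-Debug-Root header are constructed for illustration.

```python
import re

# Offload headers are instructions from the application to the fronting web
# server; the front end should consume them, so a client should never see one.
INTERNAL_HEADERS = {"x-sendfile", "x-accel-redirect", "x-lighttpd-send-file"}

# Absolute POSIX path with at least two components.
ABS_PATH = re.compile(r"^(?:/[^/\s]+){2,}/?$")

# Headers whose values are legitimately URL paths, not filesystem paths.
URL_PATH_HEADERS = {"location", "content-location"}


def find_path_leaks(headers):
    """Return (name, value, reason) for each header exposing a server path."""
    findings = []
    for name, value in headers:
        lname, value = name.lower(), value.strip()
        if lname in INTERNAL_HEADERS:
            findings.append((name, value, "internal offload header reached client"))
        elif lname not in URL_PATH_HEADERS and ABS_PATH.match(value):
            findings.append((name, value, "value looks like a filesystem path"))
    return findings


def strip_internal_headers(headers):
    """Mitigation at the edge: drop offload headers before the response leaves."""
    return [(n, v) for n, v in headers if n.lower() not in INTERNAL_HEADERS]


# Constructed sample response; the path is a shortened stand-in, not the value
# from the report, and X-Debug-Root is a hypothetical header.
SAMPLE = [
    ("Content-Type", "image/gif"),
    ("x-sendfile", "/var/lib/example/sandbox/app/assets/images/blank.gif"),
    ("Location", "/accounts/xxxx/campaigns/new"),
    ("X-Debug-Root", "/srv/app/releases/current"),
]

if __name__ == "__main__":
    for name, value, reason in find_path_leaks(SAMPLE):
        print(f"{name}: {value}  <- {reason}")
```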



Thanks.


