Bug Bounty - Play For Money


Transcript of Bug Bounty - Play For Money


Before I start giving my presentation, I just want to know how many of you are familiar with bug bounty.

#Whoami

So, ladies and gentlemen, I'm going to present Bug Bounty: Play for Money.

Shubham Gupta (@hackerspider1)

- Just another random lazy guy interested in security
- Security Consultant at Pyramid Cyber Security & Forensic
- Bug Bounty Hunter (just do it when I need money)
- BCA Graduate (doesn't matter)
- Penetration tester

Lucky Enough

I'm lucky enough to have found vulns in Google, Yahoo, Twitter; actually there are so many companies I don't remember all of the names, you can find all of them.

Agenda

- Introduction
- History
- Why bug hunting?
- How to do bug hunting?
- Quick Tips
- POC
- Pros and Cons of bug hunting
- Q&A

What is #Bug Bounty

Also called VRP (Vulnerability Reward Program).

Company (Security Team/Vendor):

- Create program.
- Offer cash, HOF, swag.
- Acknowledge your work.

Researchers / Bug Hunter:

- Hit target and get bugs.
- Sometimes duplicates, sometimes $$$, sometimes swag.
- Recheck bug after fix.

Let's start with: what is bug bounty? Bug bounty is also called VRP, Vulnerability Reward Program. Basically there are two sections in bug bounty: company and researcher. In professional we

A Brief History of Bug Bounty Programs.

- 1995 (Netscape)

- 2004 (Firefox)

- 2005

- 2007

- 2010

- 2011

- 2012

- 2013

- 2013 (Cobalt)

- 2013 (Synack)

Why bug hunting?

- Chances of finding bugs to put on your CV.
- Possibility of getting a job.
- Lots of money in very little time.
- Cool T-shirts, hoodies, mugs and many more swag.
- Recognition.
- Connections.
- Less security breaches.
- Enjoyment.
- A person will learn to work hard because of competition.

Bug Bounty Programs And Platforms

Popular Programs

- Google (min $100 & max $20,000)
- Yahoo (min $50 & max $15,000)
- Facebook (min $500)

Want to know more?

- GitHub
- Twitter
- Microsoft

Want a few more?

- https://bugcrowd.com/list-of-bug-bounty-programs
- https://hackerone.com/directory
- https://cobalt.io/programs

Popular Platforms

- BugCrowd: managed security program for companies; 27,125 worldwide researchers; 200+ programs.
- HackerOne: security inbox for companies; 133+ public programs; 6.91M paid.
- Synack: everyone wants to join.
- Cobalt

How to kickoff for hunting bugs?

How to do bug hunting? Bug hunting is all about Exploring Weaknesses and Experimentation.

It requires 30% programming knowledge and 70% logical out of box thinking.

Try each and every combination to exploit a bug. Dig deeper. Try harder to find logical bugs; it will increase your chance of higher payouts and reduce the chance of duplicates.

Quick Tips

How to Write a Report?

- Title
- Issue information
- Step-by-step instructions to reproduce the bug
- Impact
- Mitigation

POC

Video Demo

Yahoo XSS Filter Bypass

SVG XSS

One of the most unique bugs of 2015, and easy to find.

Most web-based projects include SVG for a clear and interactive user experience.

To verify this answer, I created an SVG file with the XSS vector below and started testing the websites that allow images.

The page will render the content of the XML as HTML, resulting in an XSS vulnerability.
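The SVG XSS above, from the defender's side, as an added example that is not part of the talk: a small Python audit/sanitizer that flags the constructs an inline-rendered SVG upload relies on (script elements, on* handlers, javascript: hrefs) and strips them. The sample SVGs are constructed for the demo; `ElementTree` is used for portability, but `defusedxml` is the safer parser for untrusted uploads.

```python
# Added example, not from the talk: audit an uploaded SVG for the constructs behind
# "SVG XSS" when a site renders user images inline, then strip them (samples constructed).
import xml.etree.ElementTree as ET

SVG_NS, XLINK_NS = "http://www.w3.org/2000/svg", "http://www.w3.org/1999/xlink"
ET.register_namespace("", SVG_NS)        # keep the default namespace on re-serialisation
ET.register_namespace("xlink", XLINK_NS)
BLOCKED_TAGS = {"script", "foreignObject", "iframe", "embed", "object"}  # run script / embed HTML
URL_ATTRS = {"href", "{%s}href" % XLINK_NS}                               # may carry javascript:

def _local(name):
    """Strip the {namespace} prefix ElementTree puts on tag and attribute names."""
    return name.split("}", 1)[1] if "}" in name else name

def _is_risky_attr(attr, value):
    """True for inline event handlers (on*) and URL attributes using a javascript: scheme."""
    return _local(attr).lower().startswith("on") or (
        attr in URL_ATTRS and value.strip().lower().startswith("javascript:"))

def audit_svg(svg_bytes):
    """Return a list of findings; an empty list means nothing risky was seen."""
    findings = []
    for el in ET.fromstring(svg_bytes).iter():
        name = _local(el.tag)
        if name in BLOCKED_TAGS:
            findings.append("element <%s>" % name)
        for attr, value in el.attrib.items():
            if _is_risky_attr(attr, value):
                findings.append("attribute %s on <%s>" % (_local(attr), name))
    return findings

def sanitize_svg(svg_bytes):
    """Drop blocked elements and risky attributes; return the re-serialised SVG bytes."""
    root = ET.fromstring(svg_bytes)
    for parent in list(root.iter()):          # snapshot, since we mutate while walking
        for child in list(parent):
            if _local(child.tag) in BLOCKED_TAGS:
                parent.remove(child)
        for attr in list(parent.attrib):
            if _is_risky_attr(attr, parent.attrib[attr]):
                del parent.attrib[attr]
    return ET.tostring(root)

# Constructed samples: a harmless icon and one carrying the classic vectors.
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle cx="5" cy="5" r="4"/></svg>'
MALICIOUS_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"'
                 b' onload="alert(1)"><script>alert(1)</script>'
                 b'<a xlink:href="javascript:alert(1)"><text>x</text></a></svg>')
```

Stripping is only a second line of defence: serving user uploads with `Content-Disposition: attachment` or from a separate origin keeps an SVG from ever running in the site's context.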

Live Demo of SVG XSS on BugCrowd

Tapjacking Live Demo POC Video

A UI redressing (tapjacking) attack may trick users into tapping a specifically crafted malicious app popup window (e.g. a toast view), making it a gateway for varied threats such as framing attacks. Using this technique, a malicious app could potentially trick a user into making purchases, clicking on ads, installing apps, or even wiping all of the data from the phone.

Thanks
