Lista de las mejores técnicas de hacking web del 2019

[hkm]

Lista de las mejores técnicas de hacking web del 2019

Exploiting SSRF in AWS Elastic Beanstalk
Get pwned by scanning QR Code
Exploiting Null Byte Buffer Overflow for a $40,000 bounty
Infiltrating Corporate Intranet Like NSA: Pre-Auth RCE On Leading SSL VPNs
Unveiling vulnerabilities in WebSocket APIs
Reverse proxies & Inconsistency
Abusing HTTP hop-by-hop request headers
DOMPurify 2.0.0 bypass using mutation XSS
PHP-FPM RCE(CVE-2019-11043)
Security analysis of portal element
Exploiting prototype pollution - RCE in Kibana
At Home Among Strangers
HostSplit: Exploitable
Finding and Exploiting .NET Remoting over HTTP using Deserialisation
Microsoft Edge (Chromium) - Elevation of Privilege to Potential RCE
Remote Code Execution via Insecure Deserialization in Telerik UI
Cross-Site Leaks por SirDarckCat
Exploiting Spring Boot Actuators
Owning The Clout Through Server Side Request Forgery
The world of Site Isolation and compromised renderer
XSS in GMail's AMP4Email via DOM Clobbering
Common Security Issues in Financially-Oriented Web Applications
A Tale of Exploitation in Spreadsheet File Conversions
Uploading web.config for Fun and Profit 2
Far Side of Java Remote Protocols
All is XSS that comes to the .NET
The Cookie Monster in Your Browsers
Hacking Jenkins Part 2 - Abusing Meta Programming for Unauthenticated RCE!
Exploring Continuous Integration Services as a Bug Bounty Hunter
Exploiting Deserialisation in ASP.NET via ViewState
Don't open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, ...
Bypassing SOP Using the Browser Cache
SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP
Exploiting JNDI Injections in Java
Reusing Cookies
Abusing autoresponders and email bounces
HTTP Desync Attacks: Request Smuggling Reborn
Let's Make Windows Defender Angry: Antivirus can be an oracle!
SSO Wars: The Token Menace
XSS-Auditor — the protector of unprotected and the deceiver of protected
DoS via Web Cache Poisoning
Facebook Messenger server random memory exposure through corrupted GIF
Exploiting padding oracles with fixed IVs
Getting Shell with XAMLX Files
Apache Solr Injection Research
ESI Injection Part 2: Abusing specific implementations
Backchannel Leaks on Strict Content-Security Policy
Google Search XSS
IIS Application vs. Folder Detection During Blackbox Testing

Fuente y votación por el Top 10: https://portswigger.net/polls/top-10-web-hacking-techniques-2019
*La votación termina el 27 de enero.

[AlbertoBSD]

El primer link que me llamo la atención fue:

Exploiting Null Byte Buffer Overflow for a $40,000 bounty

Fuera de la cantidad exagerada del bounty, es muy raro ver ese tipo de bufferOverflows en vulnerabilidades WEB, realmente he platicado con varias personas via email y twitter que frecuentan el mundo del bugbounty y muchos de ellos no saben que es un bufferoverflow.

Lo interesante aquí seria ver el error "horror" de la aplicación en código C/C++, me imagino que ha de ser alguna tontería como utilizar alguna función insegura o una mala validación. ¿No hay clases en las escuelas de programación segura o como evitar ser pwned?

Saludos

[lucas5]

Estuvo muy bueno esa conferencia con uno de mis favoritos.
__________________________
Trabajo como desarrollador en Salesforce partner