🐝 Hive Five 41 – Light The Night
Hi friends,
Greetings from the hive!
I hope you had a wonderful weekend! I didn't do anything in particular except watch and contribute to NahamSec's "Light The Night" Fundraiser. Last I saw, he raised over $17,000 in support of The Leukemia & Lymphoma Society! Truly heartwarming.
Let's take this week by swarm!
🐝 The Bee's Knees
Layer 8 Conference: The Layer 8 conference is solely dedicated to social engineering and open source intelligence (OSINT) discussions.
Double spending bug in Polygon's Plasma bridge: They thought they had been out of the security game for a while and that their interests had moved on to other fields. Polygon Double-Spend Bug Fix Postmortem — $2m Bounty.
How to get useful answers to your questions: Five years ago they wrote a post called "How to ask good questions", but it's missing a few of the tactics they use to get useful answers, like "interrupt people when they're going off on an irrelevant tangent".
CVE-2021-2471 MySQL JDBC XXE: Prior to MySQL Connector/J 8.0.27, the getSource() method of MysqlSQLXML performed no security check when the XML source included external general entities, so the driver was vulnerable to XXE.
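The Connector/J bug above is the classic XXE pattern: an XML reader that resolves external general entities will fetch whatever SYSTEM identifier an attacker-controlled document names and splice the result into the parsed data. The following is an added example in Python (my own code, not Connector/J's or anything from the advisory) that reproduces the pattern with the standard library's expat-backed `xml.sax` reader, whose `feature_external_ges` flag plays the role of the missing check: with it enabled, a constructed payload leaks a local file into the parsed text; with it disabled (the hardened configuration, and the default on current Python), the entity reference is simply skipped. The "secret" file and the payload are constructed for the demo.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Collects the character data the parser delivers for the document."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

    @property
    def text(self):
        return "".join(self.parts)


def parse_untrusted_xml(xml_bytes, resolve_external_entities):
    """Parse XML with Python's SAX reader and return its text content.

    resolve_external_entities=True mirrors a reader that performs no check on
    external general entities (the pre-8.0.27 Connector/J behaviour described
    in the advisory); False is the hardened setting.
    """
    parser = xml.sax.make_parser()
    # This single feature is the difference between XXE and no XXE here.
    parser.setFeature(feature_external_ges, resolve_external_entities)
    handler = TextCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return handler.text.strip()


def xxe_demo():
    """Return (text with entities resolved, text with entities disabled)."""
    # Constructed "secret" file standing in for /etc/passwd or a config file.
    fd, secret_path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "w") as f:
        f.write("db_password=hunter2")
    # Constructed attacker payload: declares an external general entity whose
    # SYSTEM identifier is a local path and references it in the document body.
    payload = (
        '<?xml version="1.0"?>\n'
        '<!DOCTYPE data [<!ENTITY xxe SYSTEM "%s">]>\n'
        '<data>&xxe;</data>' % secret_path
    ).encode()
    try:
        leaked = parse_untrusted_xml(payload, resolve_external_entities=True)
        safe = parse_untrusted_xml(payload, resolve_external_entities=False)
    finally:
        os.unlink(secret_path)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = xxe_demo()
    print("entities resolved:", repr(leaked))  # the file contents
    print("entities disabled:", repr(safe))    # empty: reference skipped
```

The same SYSTEM identifier could just as well be an `http://` URL pointing at an internal host, which is why XXE is usually also an SSRF primitive. In a Java SAX parser the equivalent hardening is to turn off the `http://xml.org/sax/features/external-general-entities` feature (and DOCTYPE declarations altogether where the application never needs them) before handing it untrusted input.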
Disclosed GitLab report from vakzz: Stored XSS in markdown via the DesignReferenceFilter.
Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.
🔥 Buzzworthy
✅ Changelog
Rustlang 1.56 release: This version ships with the new edition: Rust 2021!
Nuclei v2.5.3 release: It includes a number of new features and bug fixes, making it easier to debug.
Introducing Shodan Trends: Shodan was originally designed as a tool to understand how technology use is changing on the Internet.
📅 Events
Chia Project: Chia Network is excited to announce the launch of their Bug Bounty program with the support of Bugcrowd.
Hardwear.io Security Trainings and Conference Netherlands 2021: Oct 28, 2021.
Texas Cyber Summit: Oct 29, 2021.
🎉 Celebrate
Happy birthday to Tuan Anh Nguyen: Congrats!
Valeriy crossed 5k rep at H1: Awesome!
kiwi is working on their infosec blog: Exciting!
Jason Haddix has big con plans for 2022: Can't wait!
💰 Career Corner
Are you a bug bounty recon/automation master? And are you looking for a job right now (full-time, benefits, can still do bounties on the side, etc.)? Hit up sshell_.
Sam Parr has a coworker named Edie: She's one of the most effective, hardworking people he's ever worked with. But it wasn't obvious at first that she'd be as amazing as she is.
The Paranoids infosec intern alert: They're looking for three awesome interns who are looking to get a solid start in our industry.
Four tips to increase your DevOps salary: This is the second in an occasional series looking at DevOps salaries and careers.
📰 Articles
Exploiting Hibernate Injections: Hibernate is a database ORM framework for Java offering developers a uniform interface and syntax to interact independently with underlying relational databases like MySQL, PostgreSQL, and many more.
Moodle - Stored XSS and blind SSRF possible via feedback answer text: When managing a course in Moodle, it's possible to add a 'Feedback' activity.
A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection: GoSecure ethical hackers found a bug in MySQL that has security consequences.
All Your (d)Base Are Belong To Us, Part 2: Code Execution in Microsoft Office (CVE-2021-38646): After discovering relatively straightforward memory corruption vulnerabilities in tiny DBF parsers and Apache OpenOffice, they wanted to cast their net wider.
📚 Resources
What to do if all you have is an IP address: asked by kirbstr.
Totally Insecure Web Application Project (TIWAP): a web security testing lab made using Flask for budding security enthusiasts to learn about various web vulnerabilities.
🎥 Videos
Katie Explains: Modern Web Development: She often tells people not to focus too much on CTFs or challenges on Twitter, but why? Well, modern web dev has come a long way and many challenges just aren't realistic compared to what the modern web looks like.
Fuzzing Firefox using In-process Fuzzing with Frida - Browser Security #2.
Android Exploits 101 Workshop: This workshop is an overview of the "shape" of modern Android exploits with examples.
Zwink - S1E1: What is Bug Bounty Hunting & "The Suck Factor": He explains at a high level what Bug Bounty hunting is and the initial "suck factor" which will have to be overcome when getting started.
$2,500 Leaking parts of private Hackerone reports - timeless cross-site leaks: This video is an explanation of a bug bounty report submitted to Hackerone's own bug bounty program.
🎵 Audio
Jocko Podcast - 221: The Unimaginable Path of Jonny Kim. SEAL Combat Medic, Doctor, Astronaut.
Mac Power Users - Unleashed, Indeed: Stephen and David talk through Apple's new batch of MacBook Pros, powered by the M1 Pro and M1 Max systems on a chip.
Automators Micro-Automations: It's those tiny little automations that can make your life easy.