🐝 Hive Five 57 – Saved You One Click

Hi friends,

Greetings from the hive!

I hope you had a wonderful weekend. How’s the weather where you are? Unfortunately, over here, it went from warm temperatures to ice cold. We had some snow over the weekend.

Speaking of the unexpected, I learned that Netflix has a different release schedule for new seasons per region.

Enough chitchat. Let's take this week by swarm!

🐝 The Bee's Knees

1. An XSS on Facebook via PNGs & Wonky Content Types: Content uploaded to Facebook is stored on their CDN, which is served via various domains (most of which are sub-domains of either akamaihd or fbcdn).

2. Sudo Exploit for Ubuntu 20.04 LTS: This is the end. We finally develop a working sudoedit exploit for Ubuntu 20.04.

3. 100 hours of bug bounty on a public Hackerone program - Bounty vlog #1 Stripe.

4. "Zero-Days" Without Incident - Compromising Angular via Expired npm Publisher Email Domains: Recently Matthew took an interest in the npm registry due to it’s critical role in the security of managing packages for all of JavaScript and Node. Bonus read.

5. Top 10 web hacking techniques of 2021: Welcome to the Top 10 (new) Web Hacking Techniques of 2021, the latest iteration of our annual community-powered effort to identify the most significant web security research released in the last year.

🙏🏻 Support the Hive

• Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Become a sponsor

🔥 Buzzworthy

✅ Changelog

1. PentesterLab released the last 3 challenges for the HTTP Badge.

2. New ZAP Networking Layer: The latest Weekly and Live ZAP releases are now using a completely different networking stack. Previously, ZAP used code written for Paros Proxy on top of an old and out of date version of the Apache Commons HttpClient library.

3. reconFTW v2.2: a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities.

4. Osmedeus v4.0.2: A Workflow Engine for Offensive Security.

5. Semgrep's February 2022 Updates - Developer Feedback, Editor, and much more.

📅 Current Events

1. 2022 security conferences people are looking forward to.

2. SE Village operator humanhacker has been banned from the conference due to COC violations: Also DEF CON Group DCG414 has been disbanded due to COC violations by the group's primary point of contact.

3. Celebrate Valentine's Day with Hack The Box: A new Valentine'ss Day tournament is coming,

4. OWASP DevSlop - Attacking JSON Web Tokens with Louis Nyffenegger: Scheduled for Feb 18, 2022.

🎉 Celebrate

1. Spaceraccoon is happy with their choice to seek new areas of research and learning: Awesome!

2. Michael celebrating CaidoIO: Exciting!

3. x1m's Microsoft bounty: Congrats!

💰 Career Corner

1. What infosec jobs look like on a day-to-day basis.

2. Headspace is hiring a Senior Security Engineer.

📰 Articles

1. Bug bounty hunter to working at Microsoft: In this blog post they'll be going over the differences between bug hunting as a hobby and vulnerability research as a job.

2. I Used Apple AirTags, Tiles and a GPS Tracker to Watch My Husband’s Every Move.

3. Google Vulnerability Reward Program - 2021 Year in Review: Last year was another record setter for their Vulnerability Reward Programs (VRPs). Throughout 2021, they partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep their users and the internet safe.

4. CVE-2022-21703: cross-origin request forgery against Grafana: This post is a writeup about CVE-2022-21703, which is the result of a collaborative effort between bug-bounty hunter abrahack and jub0bs.

5. A technique to semi-automatically find vulnerabilities in WordPress plugins.

📚 Resources

1. Rachel Tobac book recommendation: written by Maxie Reynolds, The Art of Attack: Attacker Mindset for Security Professionals.

2. Henk van Ess on how to do audio OSINT.

3. Joran shares what makes a good bug report.

4. trickest/cve: Gather and update all available and newest CVEs with their POC.

5. EdOverflow's Bookshelf.

🎥 Videos

1. IppSec tackling HackTheBox - EarlyAccess.

2. How to Be an Ethical Hacker in 2022 by The Cyber Mentor.

3. Reverse Engineering 101 - Introduction to IDA Free on Linux: Reversing 2 crackmes.

4. Bug Bounty Live Recon - Grabbing Domains.

🎵 Audio

1. Privacy, Security & OSINT #250 - Consequences of Product Refunds: This week they discuss the ways your store refunds are monitored and used against you, plus a new flag-planting lesson regarding vehicle insurance companies.

2. Smashing Security #261 - North Korea hacked, DEA cosplay, and Horizon Worlds drama: Who's wearing the pyjamas while they take down North Korea's internet? Is it a case of cop or cosplay in Oregon? And what's to fear about the metaverse?

3. Risky Business #654 - FBI arrests deeply annoying cryptocurrency influencers.

4. Darknet Diaries #110 - Spam Botnets: This episode tells the stories of some of the worlds biggest spamming botnets.

5. Malicious Life - The Greatest Espionage Operation Ever, Part 1.

Get $100 to try DigitalOcean - The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

Subscribe to the Hive Five to read the rest.