Maik Ro
Oct 13 · 18 tweets · 5 min read
Day 3⃣9⃣

I will teach you how to find bugs in open source software step by step

Lets go!
1. You use the query I posted yesterday to find potential targets: github.com/search?q=stars…

(You can adapt the number of stars to your liking - anything above 50 stars is enough to show the project has real users and a maintainer who will hopefully answer your report)

You now have 1068 RESULTS - WAOW.
2. You get into your hacker mindset and figure out which ones are juicy targets🧃

but... How?

Easy, all you have to do is think about vulnerabilities...

What?

Ok, let me explain
Vulnerabilities are triggered by untrusted input, right?!

Hacker puts something in the form/input field and BOOM goes the dynamite.

So you need an application that takes input from the outside - forms, file uploads, URL parameters, imported files, API calls. The more ways in, the more there is to test.
Generally these are good targets:

- Web Frameworks
- Content management Systems (CMS)
- Enterprise Resource Planning (ERP)
- Customer Relationship Management (CRM)
- Exporter / Importer

Why?
Web Frameworks because they expose lots of abstractions and input paths - routing, parameter parsing, templating, sessions. They hide that complexity from their users, which makes the framework itself complex, and complex code is HARD to get right.

CMS, ERP, CRM Systems all have one thing in common:

- lots of modules
That's their selling point and also Achilles' heel.

Every module can be configured, has inputs, handles lots of data and as I told you yesterday - complexity is the perfect breeding ground for bugs 🪲!
Last but not least - importer / exporter

They often handle customer data and connect with external systems - and they parse whatever format the other side sends (CSV, XML, JSON, spreadsheets). Parsers written for friendly data are a classic place for bugs to hide.

Specifically any PII - Personally Identifiable Information - is worth its weight in gold and needs to be protected at all cost!

👋 GDPR - Love ya.

Next...
3. Choose one Open Source Project. Any one is fine.

You shall now forge your mind in the fire 🔥.

Now comes the hard part...

4. Installing the software so that you can hack it 😅
The easiest solution in my book is @Docker - so you go to hub.docker.com

...and now you type the name of the open source software into the docker hub search and pray that there will be a result.
For illustration I choose farmOS - a digital management system for farms 🧑‍🌾

I search docker hub for farmOS and I am lucky: hub.docker.com/search?q=farmos

NICE.

Now we need to install docker and then we can get hacking
Lucky for us that is also possible: docker.com will most likely select the correct version for you to install automagically

IF NOT, choose the correct operating system from the selection and download the installer - when that is done, double-click it and install
Now everything should be setup for us to use docker to spin up our farming management system and hack away

We need to type two commands into our terminal:

1. docker pull farmos/farmos

This will download the image (the packaged application that containers are started from) to your computer - if it fails, make sure docker is running!
If you don't know what that means - DM me and I will help you.

Just don't type "Hey", "Hello" and nothing else - I won't answer those.
Now comes the moment we have all been waiting for, we will start the container and run the application:

docker run --rm -p 80:80 -v "${PWD}/sites:/opt/drupal/web/sites" farmos/farmos

(found in the great documentation of farmOS - farmos.org/hosting/instal…)

One caveat: -p 80:80 publishes the port on every network interface of your machine, so your half-installed target is reachable from your LAN or Wi-Fi too. For a lab box, bind it to localhost only with -p 127.0.0.1:80:80 - the install works exactly the same.
if all goes well and you type

docker ps

into your terminal now, you should see a container running - WOHOOOOOO, well done.

Now enter http://127.0.0.1 into your browser and press enter.

The installation form should pop up and guide you through the rest of the installation.
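Here is the whole bring-up (check that Docker runs, pull, run, wait until the installer answers) as one script. This is an added example, not code from the thread and not farmOS's own tooling: the image name farmos/farmos and the /opt/drupal/web/sites mount are the ones used above, while the container name farmos-lab, the PORT and DOCKER variables and the readiness poll are my own assumptions. It differs from the one-liner in two ways a tester wants: the port is published on 127.0.0.1 only, and the container gets a fixed name so docker logs and docker exec are easy later.

```bash
#!/usr/bin/env bash
# Added example: bring up the farmOS lab target from the thread in one go.
# Not from the thread and not farmOS's own code. Assumed here: the container
# name, the PORT/DOCKER variables and the HTTP readiness poll. The image name
# and the sites mount path are the ones the thread uses.
set -euo pipefail

IMAGE="${IMAGE:-farmos/farmos}"
NAME="${NAME:-farmos-lab}"       # assumed name, makes logs/exec/stop easy
PORT="${PORT:-80}"               # host port, published on loopback only
DOCKER="${DOCKER:-docker}"       # set DOCKER=echo to dry-run the commands

# Fail early with a readable message instead of an opaque pull error.
check_daemon() {
  "$DOCKER" info >/dev/null 2>&1 || {
    echo "docker daemon is not running (or you may not talk to it)" >&2
    return 1
  }
}

pull_image() { "$DOCKER" pull "$IMAGE"; }

# Same idea as the thread's docker run, with two changes: publish on
# 127.0.0.1 only (a half-installed CMS should not be reachable from the
# rest of your network) and run detached under a fixed name. The bind
# mount keeps sites/ (settings.php and friends) across --rm restarts.
run_container() {
  "$DOCKER" run --rm -d --name "$NAME" \
    -p "127.0.0.1:${PORT}:80" \
    -v "${PWD}/sites:/opt/drupal/web/sites" \
    "$IMAGE"
}

# Poll until the web server answers. An uninstalled Drupal redirects to
# /core/install.php, so any 2xx or 3xx status counts as "up".
wait_for_http() {
  local url="$1" tries="${2:-30}" code
  for _ in $(seq "$tries"); do
    code=$(curl -s -o /dev/null -w '%{http_code}' "$url" || true)
    case "$code" in
      2??|3??) echo "up: $url ($code)"; return 0 ;;
    esac
    sleep 2
  done
  echo "no answer from $url after $tries tries; try: $DOCKER logs $NAME" >&2
  return 1
}

main() {
  check_daemon
  pull_image
  run_container
  "$DOCKER" ps --filter "name=${NAME}"
  wait_for_http "http://127.0.0.1:${PORT}/" 30
  echo "open http://127.0.0.1:${PORT}/ in your browser; stop with: $DOCKER stop $NAME"
}

# Only run the full bring-up when asked, so the functions can also be sourced.
if [ "${1:-}" = "up" ]; then
  main
fi
```

Run it with `bash farmos-lab.sh up`; `DOCKER=echo bash -c '. ./farmos-lab.sh; run_container'` shows the exact docker command without touching the daemon, which is handy when you adapt it to a different project from your GitHub search.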
Tomorrow we continue exactly here and will hack the application together - let's see if we can make it safer.

Happy Hunting.

If this thread provided value to you, please consider following me for more information and walk-throughs.

Thank youuuuu
In October we will do lots of #BugBounty - #30DaysOfBugBounty

November is the #BlueTeam Month

December we will jump into #JobHunting and Certificates in #CyberSecurity
