Oct 14 12 tweets 5 min read
Day 4⃣0⃣

Today we will start hacking the application we selected yesterday.
In my case it was farmOS - you might have chosen a different open source project you found on GitHub, which is fine, the methodology is the same.

What to do first?

Right, start the application…
Recap:

We installed @Docker so that we can automagically have it running without headaches.

Now make sure that docker is running and type

docker ps

into your terminal. Your output should look similar to this one (the CONTAINER ID, PORTS and NAMES might look different):

[Image: terminal output of the docker ps command showing the farmOS container]
Good now go to your web browser and type

localhost

You might be greeted with this error - I just refreshed the page and it was gone - MAGIC! 🪄

[Image: farmOS installation screen showing a settings error]
Next we need to select a database:
I chose SQLite, which is a database that consists of a single file on the disk.
Really smooth and easy to set up - one click and done.

Save and continue

[Image: farmOS installation screen, select a database]
now farmOS installs itself...

and asks us which modules we want to select...

since I have no idea what all the modules do, I just select ALL OF THEM 😅

Save and continue
We are almost finished

Now we hack. 🏴‍☠️🏴‍☠️🏴‍☠️

Question 1:
What do we look for?

Answer 1:
We need to understand what we are looking at here - so let's find out the tech stack first

Enter the Wappalyzer browser extension: chrome.google.com/webstore/detai…

[Image: Wappalyzer extension overview showing CMS Drupal and programming language PHP]

We find Drupal (version 9), Apache (version 2.4.54) and PHP.

What are those?

Drupal (@drupal) is a PHP-based open source Content Management System (CMS).

A GitHub search shows us the source code of Drupal and the current version (9.5.x): github.com/drupal/drupal

[Image: Drupal GitHub overview showing version 9.5.x]

Google also shows us that Apache 2.4.54 is the current version of the web server: httpd.apache.org

Now comes your task for today - figure out if there are any vulnerabilities / CVEs reported for:

1. farmOS
2. Drupal 9.5.x
3. Apache 2.4.54
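As an added example (not code from the thread or from farmOS), here is the header part of what Wappalyzer does for you: a small Python script that pulls version banners out of a constructed HTTP response like the one a Drupal 9 site behind Apache and PHP typically sends, turns each into a CPE 2.3 name, and builds the NVD CVE API query you would use to list reported CVEs for that exact version. The sample response and the fingerprint table are assumptions, not a capture from the author's farmOS instance.

```python
import re
from urllib.parse import urlencode

# Constructed sample response, modelled on what a Drupal 9 site behind Apache/PHP
# typically sends. It is an assumption, not a capture from the thread's farmOS instance.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.54 (Debian)\r\n"
    "X-Powered-By: PHP/8.1.12\r\n"
    "X-Generator: Drupal 9 (https://www.drupal.org)\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
    "<html><head><title>farmOS</title></head><body></body></html>"
)

# (pattern, vendor, product): group 1 of the pattern captures the advertised version.
# vendor/product follow the CPE 2.3 names NVD uses for these products.
FINGERPRINTS = [
    (re.compile(r"^Server: Apache/([\d.]+)", re.M), "apache", "http_server"),
    (re.compile(r"^X-Powered-By: PHP/([\d.]+)", re.M), "php", "php"),
    (re.compile(r"^X-Generator: Drupal ([\d.]+)", re.M), "drupal", "drupal"),
]

def fingerprint(raw_response: str) -> dict:
    """Return {product: (vendor, version)} for every banner found in the response."""
    found = {}
    for pattern, vendor, product in FINGERPRINTS:
        match = pattern.search(raw_response)
        if match:
            found[product] = (vendor, match.group(1))
    return found

def cpe_name(vendor: str, product: str, version: str) -> str:
    """Build a CPE 2.3 application name, the key NVD uses to index CVEs by product."""
    return f"cpe:2.3:a:{vendor}:{product}:{version}:*:*:*:*:*:*:*"

def nvd_query_urls(found: dict) -> dict:
    """Map each fingerprinted product to an NVD CVE API 2.0 URL filtered by its CPE name.
    cpeName matching is exact, so a major-only banner such as Drupal "9" has to be
    refined to the real release (the thread reads 9.5.x off the GitHub repo) first."""
    base = "https://services.nvd.nist.gov/rest/json/cves/2.0"
    return {
        product: base + "?" + urlencode({"cpeName": cpe_name(vendor, product, version)})
        for product, (vendor, version) in found.items()
    }

if __name__ == "__main__":
    for product, url in nvd_query_urls(fingerprint(SAMPLE_RESPONSE)).items():
        print(product, url)
```

Hiding the versions with Apache's `ServerTokens Prod` and PHP's `expose_php = Off` removes exactly the banners this script keys on, which is why Wappalyzer also falls back to HTML and JavaScript clues.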

You will win a prize.
1 month of free @hackthebox_eu premium VIP or @tryhackme subscription (your choice) - paid by me.

All you have to do is reply to this tweet with the answers - I will select the winner in the thread tomorrow.
Tomorrow we will look for XSS - cross-site scripting vulnerabilities - if you want more homework, try fuzzing all input fields.

If you don't know what that means - I will share it tomorrow.

#BugBounty #30DaysOfBugBounty
Oh and if you want to learn more about:

Bug Bounty methodology in October

Blue Team topics in November

Finding a job in Cyber Security in December

Make sure to click that follow button. Thank you!
