$2,500 Leaking parts of private Hackerone reports - timeless cross-site leaks

Описание к видео $2,500 Leaking parts of private Hackerone reports - timeless cross-site leaks

📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw


This video is an explanation of bug bounty report submitted on Hackerone to Hackerone's own bug bounty program. The bug was a timeless cross-site leaks attack (also known as timeless timing attack). It allowed disclosing parts of private Hackerone reports.

🖥 Get $100 in credits for Digital Ocean 🖥
https://m.do.co/c/cc700f81d215

Report:
https://hackerone.com/reports/493176

Reporter's twitter:
  / tomvangoethem  

The presentation about Timeless timing attacks from ‪@DEFCONConference‬
   • DEF CON 29 - Tom Van Goethem, Mathy V...  

The whitepaper:
https://www.usenix.org/system/files/s...

Follow me on twitter:
  / gregxsunday  

Timestamps:

00:00 Intro
00:30 What is /bugs.json endpoint on Hackerone?
01:30 Time-based XSleak technique
04:32 Timeless XSleak technique
06:28 TCP congestion - How to force the browser to send 2 HTTP requests in 1 TCP packet?
08:12 Extracting contents of private Hackerone reports

Комментарии

Информация по комментариям в разработке

Похожие видео