A quick round of Google dorking on a private HackerOne program revealed an interesting dynamic segment on a login page. Inspecting the source, I gladly realized that the 24-character UUID string was being reflected in the DOM header.
https://notactualwebsite.com/Service/(S(yx3i1snmqozalj5bxudebcga))/Login.aspx
Years ago, when I started building web applications I would simplistically imagine them as a 2D graph of assets. It didn’t take long before I started running into race conditions, time zone discrepancies and caching issues, which made me become aware of the crucial dimension of time in which an application evolves. As I started becoming familiarized with security issues, I realized that vulnerabilities often occur at the boundaries of an application’s assets, where references to past/future assets (subdomains, links, libraries, 3rd party services etc) are often left dangling, outdated or become actual vulnerabilities themselves. What follows are some findings I stumbled upon while keeping this perspective in mind.
I’ve been using cat for ages to display contents of files. I used it very rarely to actually concatenate files together. A few years ago, it was revealed that cat interprets escape sequences. If you’ve been doing any kind of security work, you know how that can turn bad. I’ve already been using tail -f to follow logs, since I started doing web development. I always had the problem that I wanted to scroll back but, as new items were added, it would automatically scroll me back to the end of the file. At one point I stumbled upon a good alternative, namely using less +F. I loved that you can switch between examine (^C) and follow mode (⇧F).