HITB - Creating Browser Extensions To Hunt For Low Hanging Fruits

Image credit: Cooper

Abstract

With the recent advancements in technology, more people are aware of the importance of security, and more companies have started paying large rewards to protect their customers' sensitive information. Automated scanners won't yield you bugs these days, and they can't be run against every website you visit daily. You need a smart scanner while hunting for bugs.

I found vulnerabilities in Bugcrowd, Hotstar, Medium, Signup.com, Chargify, etc. using this minimal browser extension. In this talk, we will focus on creating your own minimal smart scanner as a browser (Firefox ESR) extension to detect header-related vulnerabilities. The extension monitors the request and response headers passing through your browser and detects vulnerabilities in them. It is capable of detecting CORS misconfigurations, host header injections, and clickjacking vulnerabilities.

In the process, you will learn about basic header vulnerabilities such as CORS misconfiguration, host header injection and clickjacking, their exploitation scenarios and detection methods, and the biggest bounties earned through the simplest detection techniques for each of the above vulnerabilities.
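The passive header checks the abstract describes, as an added example that is not the talk's own extension code: a pure `analyzeResponse` function that flags a credentialed CORS origin reflection and HTML served without any framing restriction, plus the Firefox WebExtension `webRequest` wiring around it (guarded so the logic also runs outside a browser). It assumes a manifest granting the `webRequest` and `<all_urls>` permissions; the sample response at the end is constructed.

```javascript
// Case-insensitive lookup in webRequest's [{name, value}] header arrays.
function getHeader(headers, name) {
  const wanted = name.toLowerCase();
  const hit = (headers || []).find(h => h.name.toLowerCase() === wanted);
  return hit ? hit.value : null;
}

// Analyse one response. `requestOrigin` is the Origin header the browser sent
// (null when none was sent); `headers` are the response headers.
function analyzeResponse(url, requestOrigin, headers) {
  const findings = [];
  const responseOrigin = new URL(url).origin;
  const acao = getHeader(headers, 'Access-Control-Allow-Origin');
  const acac = (getHeader(headers, 'Access-Control-Allow-Credentials') || '').toLowerCase();
  // CORS misconfiguration: a cross-site Origin is echoed back while credentials
  // are allowed, so that origin could read authenticated responses.
  if (acao && acac === 'true' && requestOrigin &&
      acao === requestOrigin && requestOrigin !== responseOrigin) {
    findings.push({ type: 'cors', detail: `reflects origin ${acao} with credentials` });
  }
  // Clickjacking: an HTML document with neither X-Frame-Options nor CSP frame-ancestors.
  const ctype = (getHeader(headers, 'Content-Type') || '').toLowerCase();
  const xfo = getHeader(headers, 'X-Frame-Options');
  const csp = getHeader(headers, 'Content-Security-Policy') || '';
  if (ctype.startsWith('text/html') && !xfo && !/frame-ancestors/i.test(csp)) {
    findings.push({ type: 'clickjacking', detail: 'no X-Frame-Options or CSP frame-ancestors' });
  }
  return findings;
}

// Extension wiring: remember each request's Origin header by requestId in
// onBeforeSendHeaders, then inspect the matching response in onHeadersReceived.
if (typeof browser !== 'undefined' && browser.webRequest) {
  const origins = new Map();
  const filter = { urls: ['<all_urls>'] };
  browser.webRequest.onBeforeSendHeaders.addListener(d => {
    origins.set(d.requestId, getHeader(d.requestHeaders, 'Origin'));
  }, filter, ['requestHeaders']);
  browser.webRequest.onHeadersReceived.addListener(d => {
    const found = analyzeResponse(d.url, origins.get(d.requestId) || null, d.responseHeaders);
    origins.delete(d.requestId);
    for (const f of found) console.warn(`[${f.type}] ${d.url}: ${f.detail}`);
  }, filter, ['responseHeaders']);
}

// Constructed sample (hypothetical hosts) so the logic can be exercised offline.
function demoFindings() {
  return analyzeResponse('https://api.example.test/me', 'https://attacker.example.test', [
    { name: 'Access-Control-Allow-Origin', value: 'https://attacker.example.test' },
    { name: 'Access-Control-Allow-Credentials', value: 'true' },
    { name: 'Content-Type', value: 'application/json' }]);
}
```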

Date: Nov 27, 2018 12:00 AM
Location: Dubai, United Arab Emirates
Rewanth Tammana
Senior Security Architect

Rewanth Tammana is a security ninja, open-source contributor, and independent consultant. He was previously Senior Security Architect at Emirates NBD (National Bank of Dubai). He is passionate about DevSecOps, Cloud, and Container Security. He added 17,000+ lines of code to Nmap (known as the Swiss Army knife of network utilities). He holds industry certifications such as CKS (Certified Kubernetes Security Specialist) and CKA (Certified Kubernetes Administrator). Rewanth speaks and delivers training at multiple international security conferences around the world, including Black Hat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, Bsides, CISO Platform, null chapters and many others. He was recognized as one of the MVP researchers on Bugcrowd (2018) and has identified vulnerabilities in several organizations. He also published an IEEE research paper on an offensive attack in Machine Learning and Security, and was part of the renowned Google Summer of Code program.
