Version: 1.0
Date: 2017-09-30
Author: P. Morimoto
Responsible: P. Morimoto
Confidentiality Class: Public
Bug Bounty แบบแมว ๆ
© 2013 SEC Consult Unternehmensberatung GmbH
All rights reserved
SEC Consult – Who we are
Founded in 2002
70+ Security Experts
400+ Security Audits per year
Globally operating SEC Consult Vulnerability Lab
SEC Consult Offices: Vienna (HQ) | AT, Wiener Neustadt | AT, Linz | AT, Berlin | DE, Vilnius | LT, Zurich | CH, Luxembourg | LU, Moscow | RU, Montreal | CA, Singapore | SG, Bangkok | TH, Malaysia | MY
(World map of SEC Consult Offices and SEC Consult Clients)
SEC Consult – Who we are
Advisor for information security
Expert for the implementation of security processes and policies (ISO 27001, BS 25999, GSHB)
Leading company for technical security audits
Specialist for web application security according to ONR 17700
Independent of product manufacturers
Our customers are public authorities, financial institutions and insurance companies in Central Europe
Sectoral orientation (defence, public, finance, industry)
ISO/IEC 27001 Certificate
entire company within certification scope
certified since 16.01.2008
SEC Consult Vulnerability Lab
Leading European research lab for the identification of vulnerabilities and the analysis of new technologies, products and applications (security advisories)
Integral part of the education and further training of the security experts at SEC Consult
Early information for our customers through SEC Consult security alerts
Support of well-known manufacturers to enhance the security of their products
Companies and organisations SEC Consult has released security advisories for (excerpt). For details see: http://www.sec-consult.com/72.html
Who am I? (Professional)
Pichaya Morimoto
IT Security Consultant
Certifications:
• Offensive Security Certified Professional (OSCP)
• GIAC Web Application Penetration Tester (GWAPT)
• Certified Ethical Hacker (CEH)
• CompTIA Security+
Published Security Advisories:
• 2014
- Privilege Escalation in Snort pfSense Package
- Wordpress TimThumb 2.8.13 WebShot RCE
- HybridAuth install.php PHP RCE
• 2015
- PHP MoAdmin 1.1.2 RCE
- Schedule Facebook Posts 1.5.6 SQL Injection
- Lime Survey Multiple Critical Vulnerabilities
• 2016
- Yeager CMS Multiple Critical Vulnerabilities
- ASUS DSL-N55U router Multiple Vulnerabilities
- LINE platform Multiple Vulnerabilities
• 2017
- Aruba AirWave 8.2.3 External Entity Injection
Who am I? (Personal)
Co-administrator of สอนแฮกเว็บแบบแมว ๆ
Co-administrator of 2600 Thailand Security Addict
*Former* CTF Player of Pwnladin Team
http://thehackernews.com/2014/06/zero-day-timthumb-webshot-vulnerability.html
Who am I? (Personal)
• OWASP Thailand Meeting 3/2014 - Topic: SQL Injection 101: It is not just about ' or '1'='1
• OWASP Thailand Meeting 5/2015 - Topic: SQLi + Secure Coding with Hands-on
• OWASP Thailand Meeting 7/2016 - Topic: Security Misconfiguration
• OWASP Thailand Meeting 2/2017 - Topic: OWASP Top Ten Proactive Controls 2016
• ...
Who am I? (Personal)
• Bug Bounty hunter
• Occasionally, kill bugs for free
Metasploit modules:
• exploit/multi/http/phpmoadmin_exec
• exploit/unix/webapp/hybridauth_install_php_exec
• auxiliary/admin/http/limesurvey_file_download
and a lot more private exploit research and developments : )
Hackers, Script Kiddies, Cyber Criminals
https://twitter.com/GhostSquadHack/status/820951470984036353
Notoriety, fun and curiosity
Professional Cyber Criminal
http://www.reuters.com/article/us-usa-cyber-swift-exclusive/exclusive-swift-confirms-new-cyber-thefts-hacking-tactics-idUSKBN1412NT
A Hacker + Critical Vulnerability = ?
• Keep Secret
• Hack For $$$$
• Full Disclosure
• Vulnerability Disclosure Program
• Bug Bounty Program
Bug Bounty Program
“A deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.”
https://en.wikipedia.org/wiki/Bug_bounty_program
https://www.slideshare.net/bugcrowd/webinar-48444938
Europol: What’s it gonna be?
https://www.europol.europa.eu/publications-documents/cyber-crime-vs-cyber-security-what-will-you-choose-poster
Cybersecurity Expert: Skills in coding, gaming, computer programming and anything IT-related are in high demand by the public and private sectors. There are many careers and professional opportunities available.
Cyber Criminal: Young people getting involved with cybercrime could face:
- A visit and a warning from police
- Being arrested, a penalty or fine
- Prison, for serious offences
- Criminal records which can affect your education, future career prospects and traveling overseas options
Bug Bounty for Hackers ( YOU ! )
• Make $$$$ legally from home or anywhere :)
• In high demand for an IT security career
• Add results to your resume!
https://www.linkedin.com/in/icheernoom/
Bug Bounty for Hackers ( YOU ! )
• Hall of Fame
https://bugbounty.linecorp.com/en/halloffame/2016/
Bug Bounty for Hackers ( Me )
Special Contributor in LINE Security Bug Bounty Program
• https://bugbounty.linecorp.com/en/halloffame/ (2017)
• https://bugbounty.linecorp.com/en/halloffame/2016/ (2016)
Bug Bounty for Hackers ( YOU ! )
https://www.blognone.com/node/79729
2016:
Student + Part-time Bug Bounty Hunter
NOW:
IT Security Professional @ Central Online
Bug Bounty for Hackers ( YOU ! )
https://www.facebook.com/whitehat/thanks
https://en.wikipedia.org/wiki/Bug_bounty_program#/media/File:Facebook_t-shirt_with_whitehat_debit_card_for_Hackers.jpg
Facebook Hall of Fame for White Hat hackers
2016
• Suvicha Buakhom (สุวิชา บัวคอม)
2015
• Kittinan Srithaworn (ตั#น)
2014
• Suphannee Sivakorn
Bug Bounty for Organizations
• Reduce security risk for your products and services
• Cost-effective approach for security testing
• Lower costs compared to Pentest services *Oops!*
• Pay a high reward only for high quality bugs :)
• Good security reputation
http://www.360logica.com/blog/wp-content/uploads/2014/05/Bug-Bounty-Programs-A-Big-Security-Measure.jpg
Success Stories - GitHub on HackerOne platform
Neil Matatall, Security Engineer, GitHub
https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
“When we use third parties, we ask them to focus on a specific area. With bounties, researchers look at anything and everything.”
"This ensures that the amount of time a bug exists will be shorter than it would’ve been without a bounty program."
"It doesn't fully replace manual assessment work, but it certainly complements it nicely."
Success Stories - GitHub on HackerOne platform
Neil Matatall, Security Engineer, GitHub
https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
https://www.hackerone.com/assets/images/landing/resources/downloads/Bug-Bounty-Field-Manual-complete-ebook.pdf
• As of March 2017, paid $80,000 (2.6 Million Baht)
• 73 submissions
• 6% valid bug (48 out of 795 reports)
"Financially, a bounty program is cheaper than a full-time employee or a third-party consulting firm, so we’d be spending more money without it."
Success Stories - HackerOne platform
https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
I like it, sounds good to me
Question: Shall my company start a Bug Bounty Program now?
Answer: Stop there! First learn from HackerOne's resources:
1. Bug Bounty Readiness Assessment Questionnaire
https://drive.google.com/file/d/0Bw2srC8rsYIRUDZJU1R0UmJLTG8/view
2. Bug Bounty Field Manual
https://www.hackerone.com/resources/bug-bounty-field-manual
(https://www.hackerone.com/assets/images/landing/resources/downloads/Bug-Bounty-Field-Manual-complete-ebook.pdf)
What if …
• We do vulnerability scans frequently
• We do pentests for newly developed systems and/or quarterly
• We have a dedicated IT security team (blue team and/or red team)
• We have a variety of internal and external webapps and mobile APIs
• We often receive vulnerability reports from security researchers
=
Please consider a Bug Bounty Program :)
What if …
• My company has never done a VA and/or Pentest
• We have no IT security team
• We have only a small webapp
• We have never received any vulnerability report
=
A Bug Bounty Program is not yet for you!
A Hacker + Critical Vulnerability = ?
• Keep Secret
• Hack For $$$$
• Full Disclosure
• Vulnerability Disclosure Program
• Bug Bounty Program
Must Have: Vulnerability Disclosure Program
Examples:
responsible.disclosure@citi.com
https://online.citi.com/US/JRS/pands/detail.do?ID=ReportingVulnerability
security.disclosures@rbs.co.uk
http://personal.rbs.co.uk/personal/security-centre/responsible-disclosure.html
Must Have: Vulnerability Disclosure Program
1. Create security contacts
• security@<company-domain>
• alert@<company-domain>
2. Vulnerability Disclosure Program Policy
• Guidelines
• Scope / Out of scope
• How to report a vulnerability?
• Optional: Hall of Fame (HOF), swag, bounties
Hint: Open Source Responsible Disclosure Framework
https://github.com/bugcrowd/disclosure-policy
Forward emails sent to these contacts to your IT guys
BugCrowd's Open Source Responsible Disclosure Framework
https://github.com/bugcrowd/disclosure-policy
Bug Bounty Program - Do’s and Don’ts
• Understand the program policy
• Avoid out-of-scope issues
• Be patient with reported issues
• Use your own test accounts for PoC
• Do not cross the lines
• Avoid business impact at all costs
• Do not harm system availability (No DoS)
• No physical attacks and social engineering
• Do not disclose other users’ data
https://en-gb.facebook.com/whitehat
Eligible Bugs
Eligible Bugs
https://www.facebook.com/notes/facebook-security/link-shim-protecting-the-people-who-use-facebook-from-malicious-urls/10150492832835766/
Eligible Bugs
https://www.openbugbounty.org/reports/171730/
Eligible Bugs - Vulnerability or Usability?
Two different login responses:
"User does exist, but incorrect password"
"User does not exist!"
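An added example (not from the slides) of the account-enumeration issue behind the two responses above: the leaky handler mirrors the slide's messages, the hardened one returns a single generic message and does the same amount of password hashing in both branches. The `USERS` store, usernames and passwords are constructed for the demo.

```python
"""
Added example (not from the slides): why two different login failure messages are a
security issue (username enumeration) and not only a usability one.
The user store below is constructed for the demo.
"""
from __future__ import annotations

import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; iteration count is reasonable for a demo, not a recommendation.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed demo user store: username -> (salt, password hash).
_SALT = os.urandom(16)
USERS: dict[str, tuple[bytes, bytes]] = {
    "alice": (_SALT, _hash("correct horse", _SALT)),
}

# Fixed dummy credentials for the "unknown user" branch, so the hardened handler
# performs the same hashing work whether or not the account exists (timing side channel).
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("dummy", _DUMMY_SALT)


def login_leaky(username: str, password: str) -> tuple[bool, str]:
    """The behaviour on the slide: the failure message reveals whether the account exists."""
    record = USERS.get(username)
    if record is None:
        return False, "User does not exist!"
    salt, stored = record
    if not hmac.compare_digest(_hash(password, salt), stored):
        return False, "User does exist, but incorrect password"
    return True, "Login OK"


def login_uniform(username: str, password: str) -> tuple[bool, str]:
    """Hardened form: one generic failure message and identical work in both branches."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    # Always hash and compare, then require the account to really exist.
    password_ok = hmac.compare_digest(_hash(password, salt), stored)
    if not (password_ok and username in USERS):
        return False, "Invalid username or password"
    return True, "Login OK"


def enumerates_users(login) -> bool:
    """Reviewer check: do the failure messages for an existing and a non-existing
    account differ?  True means valid usernames can be told apart from invalid ones."""
    _, msg_existing = login("alice", "wrong password")
    _, msg_missing = login("nobody", "wrong password")
    return msg_existing != msg_missing


if __name__ == "__main__":
    print("leaky login enumerates users:  ", enumerates_users(login_leaky))    # True
    print("uniform login enumerates users:", enumerates_users(login_uniform))  # False
```

The same reviewer check applies to password-reset and registration forms, where "this e-mail is already registered" leaks the same information.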
Bug Bounty Program Policy - Uber
https://hackerone.com/uber
Bug Bounty Report Writing
https://en-gb.facebook.com/whitehat/resources/
My Stories & Tips
For any further questions contact your SEC Consult Expert.
Pichaya Morimoto
p.morimoto@sec-consult.com
SEC Consult (Thailand) Co., Ltd.
29/1 Piyaplace Langsuan Building, 16B
Soi Langsuan, Lumpini, Pathumwan
Bangkok 10330, Thailand
www.sec-consult.com
Contact
GERMANY
SEC Consult Unternehmensberatung Deutschland GmbH
Bockenheimer Landstraße 17-19
60325 Frankfurt / Main
Tel +49 69 175 373 43 | Fax +49 69 175 373 44
Email office-frankfurt@sec-consult.com
AUSTRIA
SEC Consult Unternehmensberatung GmbH
Mooslackengasse 17
1190 Vienna
Tel +43 1 890 30 43 0 | Fax +43 1 890 30 43 15
Email office@sec-consult.com
LITHUANIA
UAB Critical Security, a SEC Consult company
Sauletekio al. 15-311
10224 Vilnius
Tel +370 5 2195535
Email office-vilnius@sec-consult.com
RUSSIA
CJCS Security Monitor
5th Donskoy proyezd, 15, Bldg. 6
119334, Moscow
Tel +7 495 662 1414
Email info@securitymonitor.ru
SINGAPORE
SEC Consult Singapore PTE. LTD
4 Battery Road
#25-01 Bank of China Building
Singapore (049908)
Email office-singapore@sec-consult.com
CANADA
i-SEC Consult Inc.
100 René-Lévesque West, Suite 2500
Montréal (Quebec) H3B 5C9
Email office-montreal@sec-consult.com
AUSTRIA
SEC Consult Unternehmensberatung GmbH
Komarigasse 14/1
2700 Wiener Neustadt
Tel +43 1 890 30 43 0
Email office@sec-consult.com
THAILAND
SEC Consult (Thailand) Co., Ltd.
29/1 Piyaplace Langsuan Building 16th Floor, 16B
Soi Langsuan, Ploen Chit Road
Lumpini, Patumwan | Bangkok 10330
Tel +66 02 041 1146
Email office-bangkok@sec-consult.com
www.sec-consult.com

Bug Bounty แบบแมว ๆ

  • 1. Version: [--VX.X--] Date: [--YYYY-MM-DD--] Author: [--Author--] Responsible: [--Responsible--] Confidentiality Class: [--Confidentiality Class--] Version: 1.0 Date: 2017-09-30 Author: P. Morimoto Responsible: P. Morimoto Confidentiality Class: Public Bug Bounty แบบแมว ๆ
  • 2. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved Vienna (HQ) | AT Wiener Neustadt | AT Vilnius | LT Berlin| DE Montreal | CA Singapore | SG Moscow | RU Zurich | CH SEC Consult Offices SEC Consult Clients Bangkok | TH SEC Consult – Who we are Found in 2002 70+ Security Experts 400+ Security Audits per year Globally operating SEC Consult Vulnerability Lab Malaysia | MY Luxembourg | LU Linz | AT
  • 3. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved Advisor for information security Expert for the implementation of security processes and policies (ISO 27001, BS 25999, GSHB) Leading company for technical security audits Specialist for web application security according to ONR 17700 Independent of product manufacturers Our customers are public authorities, financial institutions and insurance companies in Central Europe Sectoral orientation (defence, public, finance, industry) SEC Consult – Who we are 3
  • 4. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved 4 ISO/IEC 27001 Certificate entire company within certification scope certified since 16.01.2008
  • 5. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved 5 SEC Consult Vulnerability Lab European leading research lab for the identification of vulnerabilities and the analysis of new technologies, products and applications (security advisories) Integral part of the education and the further training of the security experts at SEC Consult Early information of our customers due to SEC Consult security alerts Support of well-known manufacturers to enhance the security of their products Companies and organisations SEC Consult has released security advisories for (excerpt). For details see: http://www.sec-consult.com/72.html
  • 6. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved 6 Who am I ? (Professional) Pichaya Morimoto IT Security Consultant Certifications: • Offensive Security Certified Professional (OSCP) • GIAC Web Application Penetration Tester (GWAPT) • Certified Ethical Hacker (CEH) • CompTIA Security+ Published Security Advisories: • 2014 - Privilege Escalation in Snort pfSense Package - Wordpress TimThumb 2.8.13 WebShot RCE - HybridAuth install.php PHP RCE • 2015 - PHP MoAdmin 1.1.2 RCE - Schedule Facebook Posts 1.5.6 SQL Injection - Lime Survey Multiple Critical Vulnerabilities • 2016 - Yeager CMS Multiple Critical Vulnerabilities - ASUS DSL-N55U router Multiple Vulnerabilities - LINE platform Multiple Vulnerabilities • 2017 - Aruba AirWave 8.2.3 External Entity Injection
  • 7. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved 7 Who am I ? (Personal) Co-administrator of สอนแฮกเว็บแบบแมว ๆ *Former* CTF Player of Pwnladin Team Co-administrator of 2600 Thailand Security Addict http://thehackernews.com/2014/06/zero-day-timthumb-webshot-vulnerability.html
  • 8. © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: [--Title--] | Responsible: [--Responsible--] Version / Date: [--VX.X / YYYY-MM-DD--] | Confidentiality Class: [--Confidentiality Class--] © 2013 SEC Consult Unternehmensberatung GmbH All rights reserved Title: Bug Bounty แบบแมว ๆ| Responsible: P. Morimoto Version / Date: 1.0 / 2017-09-30 | Confidentiality Class: Public © 2014 SEC Consult Unternehmensberatung GmbH All rights reserved 8 Who am I ? (Personal) OWASP Thailand Meeting 3/2014 Topic: SQL Injection 101 : It is not just about ' or '1'='1 OWASP Thailand Meeting 5/2015 Topic: SQLi + Secure Coding with Hands-on OWASP Thailand Meeting 7/2016 Topic: Security Misconfiguration OWASP Thailand Meeting 2/2017 Topic: OWASP Top Ten Proactive Controls 2016 ….
  • 9. Who am I? (Personal)
    • Bug Bounty hunter
    • Occasionally, kill bugs for free
    Metasploit modules:
    • exploit/multi/http/phpmoadmin_exec
    • exploit/unix/webapp/hybridauth_install_php_exec
    • auxiliary/admin/http/limesurvey_file_download
    and a lot more private exploit research and developments :)
  • 10. Hackers, Script Kiddies, Cyber Criminals
    https://twitter.com/GhostSquadHack/status/820951470984036353
    Notoriety, fun and curiosity
  • 11. Professional Cyber Criminal
    http://www.reuters.com/article/us-usa-cyber-swift-exclusive/exclusive-swift-confirms-new-cyber-thefts-hacking-tactics-idUSKBN1412NT
  • 12. A Hacker + Critical Vulnerability = ?
    • Keep Secret
    • Hack For $$$$
    • Full Disclosure
    • Vulnerability Disclosure Program
    • Bug Bounty Program
  • 13. Bug Bounty Program
    "A deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities."
    https://en.wikipedia.org/wiki/Bug_bounty_program
    https://www.slideshare.net/bugcrowd/webinar-48444938
  • 14. Europol: What's it gonna be?
    https://www.europol.europa.eu/publications-documents/cyber-crime-vs-cyber-security-what-will-you-choose-poster
    Cybersecurity Expert: Skills in coding, gaming, computer programming and anything IT-related are in high demand by the public and private sectors. There are many careers and professional opportunities available.
    Cyber Criminal: Young people getting involved with cybercrime could face:
    - A visit and a warning from police
    - Being arrested, a penalty or fine
    - Prison, for serious offences
    - Criminal records which can affect your education, future career prospects and traveling overseas options
  • 15. Bug Bounty for Hackers (YOU!)
    • Make $$$$ legally from home or anywhere :)
    • In high demand for IT security career
    • Add results to your resume!
    https://www.linkedin.com/in/icheernoom/
  • 16. Bug Bounty for Hackers (YOU!)
    • Hall of Fame
    https://bugbounty.linecorp.com/en/halloffame/2016/
  • 17. Bug Bounty for Hackers (Me)
    Special Contributor in LINE Security Bug Bounty Program
    • https://bugbounty.linecorp.com/en/halloffame/ (2017)
    • https://bugbounty.linecorp.com/en/halloffame/2016/ (2016)
  • 18. Bug Bounty for Hackers (YOU!)
    https://www.blognone.com/node/79729
    2016: Student + Part-time Bug Bounty Hunter
    NOW: IT Security Professional @ Central Online
  • 19. Bug Bounty for Hackers (YOU!)
    Facebook Hall of Fame for White Hat hackers
    • 2016: Suvicha Buakhom (สุวิชา บัวคอม)
    • 2015: Kittinan Srithaworn (ตั้น)
    • 2014: Suphannee Sivakorn
    https://www.facebook.com/whitehat/thanks
    https://en.wikipedia.org/wiki/Bug_bounty_program#/media/File:Facebook_t-shirt_with_whitehat_debit_card_for_Hackers.jpg
  • 20. Bug Bounty for Organizations
    • Reduce security risk for your products and services
    • Cost effective approach for security testing
    • Lower costs compared to Pentest services *Oops!*
    • Pay high reward only for high quality bugs :)
    • Good security reputation
    http://www.360logica.com/blog/wp-content/uploads/2014/05/Bug-Bounty-Programs-A-Big-Security-Measure.jpg
  • 21. Success Stories - GitHub on HackerOne platform
    Neil Matatall, Security Engineer, GitHub
    https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
    "When we use third parties, we ask them to focus on a specific area. With bounties, researchers look at anything and everything."
    "This ensures that the amount of time a bug exists will be shorter than it would've been without a bounty program."
    "It doesn't fully replace manual assessment work, but it certainly complements it nicely"
  • 22. Success Stories - GitHub on HackerOne platform
    Neil Matatall, Security Engineer, GitHub
    https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
    https://www.hackerone.com/assets/images/landing/resources/downloads/Bug-Bounty-Field-Manual-complete-ebook.pdf
    • As of March 2017, paid $80,000 (2.6 Million Baht)
    • 73 submissions
    • 6% valid bugs (48 out of 795 reports)
    "Financially, a bounty program is cheaper than a full-time employee or a third-party consulting firm, so we'd be spending more money without it."
  • 23. Success Stories - HackerOne platform
    https://www.hackerone.com/sites/default/files/2017-05/Case%20Study%20-%20GitHub%20-%20FINAL.pdf
  • 24. Question: Shall my company start a Bug Bounty Program now? ("I like it, sounds good to me")
    Answer: Stop there! Please learn things from HackerOne first:
    1. Bug Bounty Readiness Assessment Questionnaire
       https://drive.google.com/file/d/0Bw2srC8rsYIRUDZJU1R0UmJLTG8/view
    2. Bug Bounty Field Manual
       https://www.hackerone.com/resources/bug-bounty-field-manual
       (https://www.hackerone.com/assets/images/landing/resources/downloads/Bug-Bounty-Field-Manual-complete-ebook.pdf)
  • 25. What if …
    • We do vulnerability scans frequently
    • We do pentests for newly developed systems and/or quarterly
    • We have a dedicated IT security team (blue team and/or red team)
    • We have a variety of internal and external webapps and mobile APIs
    • We often receive vulnerability reports from security researchers
    = Please consider a Bug Bounty Program :)
  • 26. What if …
    • My company has never done VA and/or Pentest
    • We have no IT security team
    • We have only a small webapp
    • We have never received any vulnerability report
    = Bug Bounty Program is not yet for you!
  • 27. A Hacker + Critical Vulnerability = ?
    • Keep Secret
    • Hack For $$$$
    • Full Disclosure
    • Vulnerability Disclosure Program
    • Bug Bounty Program
  • 28. Must Have: Vulnerability Disclosure Program
    responsible.disclosure@citi.com
    https://online.citi.com/US/JRS/pands/detail.do?ID=ReportingVulnerability
    security.disclosures@rbs.co.uk
    http://personal.rbs.co.uk/personal/security-centre/responsible-disclosure.html
  • 29. Must Have: Vulnerability Disclosure Program
    1. Create security contacts
       • security@<company-domain>
       • alert@<company-domain>
       Forward these emails to your IT guys
    2. Vulnerability Disclosure Program Policy
       • Guidelines
       • Scope / Out of scope
       • How to report a vulnerability?
       • Optional: HOF, Swags, Bounties
    Hint: Open Source Responsible Disclosure Framework
    https://github.com/bugcrowd/disclosure-policy
  • 30. BugCrowd's Open Source Responsible Disclosure Framework
    https://github.com/bugcrowd/disclosure-policy
  • 31. Bug Bounty Program - Do's and Don'ts
    • Understand the program policy
    • Avoid out of scope issues
    • Be patient with reported issues
    • Use your own test accounts for PoC
    • Do not cross the lines
    • Avoid business impact at all costs
    • Do not harm the system availability (No DoS)
    • No physical attacks and social engineering
    • Do not disclose other users' data
    https://en-gb.facebook.com/whitehat
  • 32. Eligible Bugs
  • 33. Eligible Bugs
  • 34. Eligible Bugs
  • 35. Eligible Bugs
    https://www.facebook.com/notes/facebook-security/link-shim-protecting-the-people-who-use-facebook-from-malicious-urls/10150492832835766/
  • 36. Eligible Bugs
    https://www.openbugbounty.org/reports/171730/
  • 37. Eligible Bugs - Vulnerability or Usability?
    Login error messages: "User does exist, but incorrect password" vs. "User does not exist!"
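The two login messages on slide 37 are the classic account-enumeration case: the response itself tells a caller whether a username is registered. Whether a program pays for that is a policy question, but the fix is cheap. The following is an added example, not code from the slides or from any program mentioned in them: a constructed user store with a made-up account, the verbose handler that reproduces the two messages, a uniform handler that answers both failures identically (and hashes a dummy credential for unknown users so the two paths cost the same work), and a small self-check a triager could run against either handler.

```python
import hashlib
import hmac

# PBKDF2 iteration count, kept modest so the example runs quickly (assumption).
_ITERATIONS = 50_000


def _hash_password(salt: bytes, password: str) -> bytes:
    """Derive a password hash; PBKDF2-HMAC-SHA256 is used here as a stand-in for
    whatever the real application uses."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)


# Constructed sample user store for this example: username -> (salt, hash).
# The account, salt and password are made up; nothing here comes from the slides.
_SALT = b"constructed-static-salt"
USERS = {
    "alice": (_SALT, _hash_password(_SALT, "correct horse battery staple")),
}

# Dummy record hashed for unknown usernames so that an unknown user costs the
# same amount of work as a known user with a wrong password.
_DUMMY_RECORD = (_SALT, _hash_password(_SALT, "dummy-password-never-valid"))


def login_verbose(username: str, password: str):
    """The behaviour shown on the slide: the error text differs depending on
    whether the account exists, so failures reveal which usernames are registered."""
    record = USERS.get(username)
    if record is None:
        return (False, "User does not exist!")
    salt, stored = record
    if not hmac.compare_digest(_hash_password(salt, password), stored):
        return (False, "User does exist, but incorrect password")
    return (True, "OK")


def login_uniform(username: str, password: str):
    """Hardened handler: one message for every failure, and the same hashing work
    whether or not the username exists. The username-in-store check guards the
    corner case where an unknown user happens to submit the dummy password."""
    salt, stored = USERS.get(username, _DUMMY_RECORD)
    candidate = _hash_password(salt, password)
    ok = hmac.compare_digest(candidate, stored) and username in USERS
    if not ok:
        return (False, "Invalid username or password")
    return (True, "OK")


def leaks_account_existence(login) -> bool:
    """Self-check for a triager or a regression test: does the handler answer an
    unknown username differently from a wrong password for a known one?
    Uses the constructed 'alice' account and a name that is not in the store."""
    _, msg_unknown = login("nobody", "whatever")
    _, msg_wrong = login("alice", "wrong-password")
    return msg_unknown != msg_wrong


if __name__ == "__main__":
    print("verbose handler leaks:", leaks_account_existence(login_verbose))
    print("uniform handler leaks:", leaks_account_existence(login_uniform))
```

The uniform handler still lets a legitimate user know the login failed; it only stops the failure from doubling as a directory lookup. Password-reset and registration endpoints need the same treatment, since "this email is already registered" leaks the same fact through a different door.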
  • 38. Bug Bounty Program Policy - Uber
    https://hackerone.com/uber
  • 39. Bug Bounty Report Writing
    https://en-gb.facebook.com/whitehat/resources/
  • 40. Bug Bounty Report Writing
    https://en-gb.facebook.com/whitehat/resources/
  • 41. My Stories & Tips
  • 42. My Stories & Tips
  • 43. My Stories & Tips
  • 44. My Stories & Tips
  • 45. For any further questions contact your SEC Consult Expert.
    Pichaya Morimoto
    p.morimoto@sec-consult.com
    SEC Consult (Thailand) Co., Ltd.
    29/1 Piyaplace Langsuan Building, 16B Soi Langsuan, Lumpini, Pathumwan
    Bangkok 10330, Thailand
    www.sec-consult.com
  • 46. Contact
    GERMANY: SEC Consult Unternehmensberatung Deutschland GmbH, Bockenheimer Landstraße 17-19, 60325 Frankfurt / Main, Tel +49 69 175 373 43 | Fax +49 69 175 373 44, Email office-frankfurt@sec-consult.com
    AUSTRIA: SEC Consult Unternehmensberatung GmbH, Mooslackengasse 17, 1190 Vienna, Tel +43 1 890 30 43 0 | Fax +43 1 890 30 43 15, Email office@sec-consult.com
    LITHUANIA: UAB Critical Security, a SEC Consult company, Sauletekio al. 15-311, 10224 Vilnius, Tel +370 5 2195535, Email office-vilnius@sec-consult.com
    RUSSIA: CJCS Security Monitor, 5th Donskoy proyezd, 15, Bldg. 6, 119334 Moscow, Tel +7 495 662 1414, Email info@securitymonitor.ru
    SINGAPORE: SEC Consult Singapore PTE. LTD, 4 Battery Road #25-01, Bank of China Building, Singapore (049908), Email office-singapore@sec-consult.com
    CANADA: i-SEC Consult Inc., 100 René-Lévesque West, Suite 2500, Montréal (Quebec) H3B 5C9, Email office-montreal@sec-consult.com
    AUSTRIA: SEC Consult Unternehmensberatung GmbH, Komarigasse 14/1, 2700 Wiener Neustadt, Tel +43 1 890 30 43 0, Email office@sec-consult.com
    THAILAND: SEC Consult (Thailand) Co., Ltd., 29/1 Piyaplace Langsuan Building, 16th Floor, 16B Soi Langsuan, Ploen Chit Road, Lumpini, Patumwan | Bangkok 10330, Tel +66 02 041 1146, Email office-bangkok@sec-consult.com
    www.sec-consult.com