Check Your Site Vulnerability if Listing on Bug Bounty Site - NETSEC

Cybersecurity Memo

Friday, July 13, 2018

Check Your Site Vulnerability if Listing on Bug Bounty Site

Once your web application is published on the Internet, it will sooner or later be scanned by hackers. There is no such thing as 100% security, so you want to find vulnerabilities before they can be exploited. Many bug bounty programs invite hackers to search for those vulnerabilities, publish them, and notify the webmaster. Open Bug Bounty is one of them and probably the most popular one.



1. Open Bug Bounty Website

Started in June 2014, Open Bug Bounty is a non-profit platform designed to connect security researchers and website owners in a transparent, respectful and mutually valuable manner. Open Bug Bounty’s coordinated vulnerability disclosure platform allows any security researcher to report a vulnerability on any website, as long as the vulnerability is discovered without any intrusive testing techniques and is submitted following responsible disclosure guidelines.



2. Search the Website you want to check






3. Check the finding





There is a vulnerable URL:
http://www.abc.efg/en/1247.htm?query="/><script src=https://openbugbounty.org/1.js>

and a screenshot that proves the vulnerability.

It also tells you when the vulnerability was found, whether it is still active, and the public disclosure date. In this example, the vulnerability was reported on April 1 2018 and the public disclosure date is June 30 2018. The website operator was notified on the same date the vulnerability was found.

Another Cross-Site Scripting URL you can try is:
http://www.abc.efg/en/1247.htm?query="/><script>alert(/XSSPOSED/)</script>



4. Verify the vulnerability



Unfortunately, if you copy the URL directly into a web browser, it won't work, since most modern browsers have a feature that blocks this type of XSS (Cross-Site Scripting) attack.





If you use Microsoft Edge, you will see the same result as shown on the Open Bug Bounty website.




For Chrome, you will need to add the parameter '-disable-xss-auditor' to bypass the XSS auditor:
Chrome with -disable-xss-auditor

After clicking OK, close all Chrome windows, then reopen Chrome with the newly added parameter -disable-xss-auditor.
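
Both report URLs above start the `query` value with `"/>`, which closes an attribute value and its tag before opening a script element. The following Python code is an added example, not part of the original post or of Open Bug Bounty; it assumes the `query` value is reflected inside an `<input value="...">` attribute (the page does not say where it lands) and compares the unescaped rendering with the escaped one using an HTML parser, so the result does not depend on any browser filter.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# The two proof-of-concept URLs quoted in the report on this page.
REPORT_URLS = [
    'http://www.abc.efg/en/1247.htm?query="/><script src=https://openbugbounty.org/1.js>',
    'http://www.abc.efg/en/1247.htm?query="/><script>alert(/XSSPOSED/)</script>',
]

def query_value(url):
    """Return the decoded `query` parameter, as the server would receive it."""
    return parse_qs(urlsplit(url).query)["query"][0]

def render_unescaped(value):
    # Assumed 'before' template: the parameter is pasted into an attribute as-is.
    return '<input type="text" name="query" value="' + value + '"/>'

def render_escaped(value):
    # Hardened form: encode & < > " ' so the value cannot leave the attribute.
    return ('<input type="text" name="query" value="'
            + html.escape(value, quote=True) + '"/>')

class _Tags(HTMLParser):
    """Collects the name of every start tag the parser recognises."""
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

def tags_in(markup):
    """List the element names an HTML parser actually sees in the markup."""
    parser = _Tags()
    parser.feed(markup)
    parser.close()
    return parser.tags

def injects_script(render, url):
    """True if rendering the URL's query value yields a script element."""
    return "script" in tags_in(render(query_value(url)))

if __name__ == "__main__":
    for url in REPORT_URLS:
        print(injects_script(render_unescaped, url),
              injects_script(render_escaped, url))
```

After a fix is deployed, the same parser check can be run against the real response body for the reported URL instead of the assumed template.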
