Nominations – top 10 best web hacking methods of 2023. Each article deserves attention:
– Ransacking your password reset tokens;
– mTLS: When certificate authentication is done wrong;
– Smashing the state machine: the true potential of web race conditions;
– Bypass firewalls with of-CORs and typo-squatting;
– RCE via LDAP truncation on hg.mozilla.org;
– Cookie Bugs – Smuggling & Injection;
– OAuth 2.0 Redirect URI Validation Falls Short, Literally;
– Prototype Pollution in Python;
– Pretalx Vulnerabilities: How to get accepted at every conference;
– From Akamai to F5 to NTLM… with love;
– can I speak to your manager? hacking root EPP servers to take control of zones;
– Blind CSS Exfiltration: exfiltrate unknown web pages;
– Server-side prototype pollution: Black-box detection without the DoS;
– Tricks for Reliable Split-Second DNS Rebinding in Chrome and Safari;
– HTML Over the Wire;
– SMTP Smuggling – Spoofing E-Mails Worldwide;
– DOM-based race condition: racing in the browser for fun;
– You Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing Vulnerabilities;
– CVE-2022-4908: SOP bypass in Chrome using Navigation API;
– SSO Gadgets: Escalate (Self-)XSS to ATO;
– Three New Attacks Against JSON Web Tokens;
– Introducing wrapwrap: using PHP filters to wrap a file with a prefix and suffix;
– PHP filter chains: file read from error-based oracle;
– SSRF Cross Protocol Redirect Bypass;
– A New Vector For “Dirty” Arbitrary File Write to RCE;
– How I Hacked Microsoft Teams and got $150,000 in Pwn2Own;
– AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice;
– BingBang: AAD misconfiguration led to Bing.com results manipulation and account takeover;
– MyBB Admin Panel RCE CVE-2023-41362;
– Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity;
– Code Vulnerabilities Put Skiff Emails at Risk;
– How to break SAML if I have paws?
– JMX Exploitation Revisited;
– Java Exploitation Restrictions in Modern JDK Times;
– Exploiting Hardened .NET Deserialization;
– Unserializable, but unreachable: Remote code execution on vBulletin;
– Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework;
– Hunting for Nginx Alias Traversals in the wild;
– DNS Analyzer – Finding DNS vulnerabilities with Burp Suite;
– Oh-Auth – Abusing OAuth to take over millions of accounts;
– nOAuth: How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover;
– One Scheme to Rule Them All: OAuth Account Takeover;
– Exploiting HTTP Parsers Inconsistencies;
– New ways of breaking app-integrated LLMs;
– State of DNS Rebinding in 2023;
– Fileless Remote Code Execution on Juniper Firewalls;
– Thirteen Years On: Advancing the Understanding of IIS Short File Name (SFN) Disclosure!
– Metamask Snaps: Playing in the Sand;
– Uncovering a crazy privilege escalation from Chrome extensions;
– Code Vulnerabilities Put Proton Mails at Risk;
– Hacking into gRPC-Web;
– Yelp ATO via XSS + Cookie Bridge;
– HTTP Request Splitting vulnerabilities exploitation;
– XSS in GMAIL Dynamic Email;
– Azure B2C Crypto Misuse and Account Compromise;
– Compromising F5 BIGIP with Request Smuggling;
– One Supply Chain Attack to Rule Them All;
– Cookie Crumbles: Breaking and Fixing Web Session Integrity;
– tRPC Security Research: Hunting for Vulnerabilities in Modern APIs;
– From an Innocent Client-Side Path Traversal to Account Takeover.
#web #hack
