Google CTF - Web 6 - Purple Wombats
Year: 2016
Google CTF – Web 5 – Wallowing Wallabies – Part Three
Google CTF - Web 2 - Wallowing Wallabies - Part Two
Continuing on from Wallowing Wallabies Part 1 and Wallowing Wallabies Part 2.
Google CTF – Web 1 – Wallowing Wallabies – Part One
ESEA Server-Side Request Forgery and Querying AWS Meta Data
For anyone familiar with the Counter-Strike competitive scene, you know about ESEA. They just recently launched a bounty program that puts their website, game client, and game servers in scope for security research.
I spent a night taking a look over the website and found a few vulnerabilities. The most interesting discovery was a Server-Side Request Forgery vulnerability. Using a cool trick that Ben Sadeghipour (@NahamSec) showed me, I was able to pull private information from ESEA's AWS metadata.
Yahoo Login Protection Seal – Stored CSS Injection
In 2014 I discovered a vulnerability on Yahoo's Login Protection seal that allowed for CSS injection. This information was saved to the browser and IP, persisting across login sessions on that computer. The protection seal feature has since been removed from the login page, but the feature still exists in your account preferences.