Free Bugs Campaign

Transcript

1. None

2. : -> @8ayac (Twitter/HackerOne/Flickr) 2 PSIRT (’18/04~) MBSD Cybersecurity Challenges

   (’17/’18) GitLab Bug Bounty Program - Hall of Fame 7 (2018) 45 BugHunt / (←New!) CWE CWE-79 / CWE-400 Follow @8ayac 1

3. Follow @8ayac 2

4. Free Bugs Campaign Follow @8ayac 3

5. Free Hugs Campaign ※ Follow @8ayac 4

6. None
7. None

8. Burp Pro Cy-PSIRT HackerOne Follow @8ayac 7

9. CVE-XXXX-XXXX … ( Burp Pro ) Follow @8ayac 8

10. None

11. Follow @8ayac 10

12. Follow @8ayac 11

13. None
14. None

15. Follow @8ayac 14

16. Follow @8ayac 15

17. + DEMO + α Stored XSS(1) - $0 - $0

    Stored XSS(2) - $0 Free Bugs Campaign Follow @8ayac 16
18. None

19. OSS GitLab Issue Tracker / ✨ Follow @8ayac 18

20. None

21. Title: Issue Stored XSS Issue Type: XSS(CWE-79) Severity: High(7~8.9) Affected

    Versions: 11.3.x < 11.3.1 11.2.x < 11.2.4 11.1.x < 11.1.7 Report: https://hackerone.com/reports/384255 Follow @8ayac 20
22. None

23. https://github.com/gitlabhq/gitlabhq/commit/6d360c210d3d822fc266eecc04753481ae4bda70#diff-ebb2ac556337fa87bae1c9e999fca8cfR2 Follow @8ayac 22

24. None

25. Follow @8ayac 24

26. Follow @8ayac 25

27. Follow @8ayac 26

28. Follow @8ayac 27

29. GitLab Public Program 10 Follow @8ayac 28

30. Title: Issue Type: Information Exposure Through Browser Caching(CWE-525) Severity: Medium

    Affected Versions: 11.4.x < 11.4.3 11.3.x < 11.3.8 11.2.x < 11.2.7 Report: https://hackerone.com/reports/407763 Follow @8ayac 29
31. None

32. https://github.com/gitlabhq/gitlabhq/commit/782badd0a2cd00d2a9cbe591e78b30aca32e252b#diff-55c5b7aecfb519d0e4880eaf2788eb6e Follow @8ayac 31

33. None

34. Follow @8ayac 33

35. Follow @8ayac 34

36. Follow @8ayac 35

37. Follow @8ayac 36

38. Follow @8ayac 37

39. Follow @8ayac 38

40. Follow @8ayac 39

41. Follow @8ayac 40

42. Follow @8ayac 41

43. Follow @8ayac 42

44. Public Program Private Follow @8ayac 43

45. Title: Stored XSS Issue Type: XSS(CWE-79) Severity: High Affected Versions:

    11.4.x < 11.4.3 11.3.x < 11.3.8 11.2.x < 11.2.7 Report: https://hackerone.com/reports/409380 Follow @8ayac 44
46. None

47. Follow @8ayac 46

48. None
49. None

50. GitLab Public Program ! !(Low $1000) : https://hackerone.com/gitlab/policy_versions?change=3597572# Follow @8ayac

    49

51. Follow @8ayac 50

52. Follow @8ayac 51

53. Follow @8ayac 52

54. Follow @8ayac 53

55. Follow @8ayac 54

56. Follow @8ayac 55

57. Follow @8ayac 56

58. None
59. None

60. @zseano : Are you submitting bugs for free when others

    are being paid?... Follow @8ayac 59

61. Follow @8ayac 60

62. Private Private Researcher Follow @8ayac 61

63. Private Private Researcher Follow @8ayac 62

64. Free Bugs Campaign : Public Private Follow @8ayac 63

65. Follow @8ayac 64

66. Follow @8ayac 65

67. None

68. $500 ( ) “Private Program” GitLab ( HackEDU) 100 Burp

    ( ) Follow @8ayac 67

69. ☺