YESWEHACK PROPHILE ON SONNY
July 2, 2020
┌▄──────────────────────────────────────────────────────────────────────▄┐
├■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀■[ YESWEHACK PROPHILE ON SONNY ]■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄■┤
├■──────────────────────────────────────────────────────────────────────■┤
├■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀■┤
└▀──────────────────────────────────────────────────────────────────────▀┘
╔══════════════════════════════════ WHOIS ═══════════════════════════════╗
║ Handle: SONNY ║
║ AKA: delta0ne ║
║ Age of your body: 30+ ║
║ Produced in: UK ║
║ Active In: Proxying the world ║
║ Superpowers: Jedi Mind Tricks ║
║ Life in a sentence: I don't even see the code anymore ║
╚════════════════════════════════════════════════════════════════════════╝
QUOTES
╔════════════════════════════════════════════════════════════════════════╗
║ Try ' then '' then ''' then '''' ... and to be sure '''''' ║
╚════════════════════════════════════════════════════════════════════════╝
ARMORY
╔════════════════════════════════════════════════════════════════════════╗
║ Burp Suite, Param Miner and Turbo Intruder (James Kettle is a legend!)║
║ Decent playlist ║
║ Right Click + Scan ║
╚════════════════════════════════════════════════════════════════════════╝
▀▄█▓▒░ Hello, who are you?
│ ──────────────────────────────────────────────────────────────────
└─ Hi, I'm a Security Researcher in Singapore looking to find tropical
bugs!
▀▄█▓▒░ Do you remember your first contact with a computer?
│ ──────────────────────────────────────────────────────────────────
└─ Yeah, we're talking a while ago, the only thing I could do with it
was play solitaire from a keyboard but damn... when you get all those
cards jumping out at the end, no greater feeling.
▀▄█▓▒░ What will you learn next?
│ ──────────────────────────────────────────────────────────────────
└─ I'd like to try a proper deep dive on a project which can be done with
a local install, I'm reading interesting writeups on Whitebox testing
where they do some cool .tar uploads and exploit symlinks in a strange
path, I want to be that guy.
▀▄█▓▒░ How did you come to Bug Bounty?
│ ──────────────────────────────────────────────────────────────────
└─ I have this bucket list of vulnerabilities that I wanted to find as
I learned more about security and Bug Bounty provided a wider range of
applications to find them.
I'm ticking them off one by one but seriously why can't I find Template
Injection ... I think it would bring me more joy than a direct RCE.
A close friend of mine told me it's the ultimate personal reward in
White hat Security, finding a bug which makes a company stop, listen
and allocate resources to an issue you've found.. a team of people
likely on the other side of the world has to devote their time to read
your report and fix it ASAP... I thought it was cool.
▀▄█▓▒░ You are active on YesWeHack and have practiced other BB platforms,
│ What are your Do/Don't?
│ What are your expectations?
│ ──────────────────────────────────────────────────────────────────
└─ == Do: ==
- Always provide a well-structured report, this will likely be viewed
by multiple people of different technical levels who ultimately decide
if it's accepted or not.
"ALERT(1) PLZ GIVE $" probably doesn't help... this is me a year ago.
== Don't: ==
- When a decision doesn't go your way, don't immediately respond with
your complaint, take time to think about it from the program owner's
perspective and reply with a detailed response/evidence to support
your view. (If still no joy, focus on and get the next bug).
== Expectations: ==
- Communication from program teams goes a long way to entice me to
look further, in terms of responding with detailed comments as to why
something may not be accepted or being open to discussion on
impact/severity. (You give me time, I give you time)
- What happened to all the Swag?
▀▄█▓▒░ What advice can you give to someone who wants to start in
│ bug bounty?
│ ──────────────────────────────────────────────────────────────────
└─ Burnout and being deterred from a hardened target is a factor
everyone faces, even more so when you're first starting out.
Going in with an alternative motivation that’s not based on making $
for yourself is important to keep spirits high. Whether it be learning
more, competing with others (Bug Hunters/Devs) or that desire to find
something so broken you can repurpose it into a beautiful exploit...
that’s art.
There is a huge surge in the community of people publishing regular
blogs/techniques/live streams and tweets on everything around the
security industry, diversify your news stream and particularly those
outside of your spoken language too. You reading Vietnamese/Korean
writeups? You should be!
▀▄█▓▒░ You have displayed an impressive skillset on YesWeHack public
│ programs, can you give away hints on your hunting methodology?
│ ──────────────────────────────────────────────────────────────────
└─ It's interesting how my methodology has developed, initially I was
a messy hunter hitting wild card domains and relying on tools to reveal
vulns only on the surface level, which was yielding results but it
became a bit boring for me and I lost interest as I wasn't expressing
any creativity.
Right now I'm focussing on small to medium sized projects with the goal
of understanding the functions/flows to a really fine detail, this is
where the high-critical vulnerabilities are, they're more than likely
missed by Scanners, Developers and Internal Auditors... it might take
me a couple of weeks to find it but it's worth it.
Protip: If you're not hunting for hidden parameters
...you should be...
▀▄█▓▒░ Is there a life AFK?
│ ──────────────────────────────────────────────────────────────────
└─ Right in the feels... Ask me next year
▀▄█▓▒░ What is the future?
│ ──────────────────────────────────────────────────────────────────
└─ I think the last few months have been pretty interesting in how the
landscape of tech is changing, from an increase in telecommuting,
development of apps built around supporting companies/people during a
pandemic and overall digitalisation of industries which were slower
to adapt.
This feels like 10+ years of progress rushed in a few months to make
it work, even well planned/tested applications have issues, so I have
concerns but I hope that Bounty Hunting will play a role in securing
these new avenues of tech and I'd like to help :)
--------[ EOF