YESWEHACK PROPHILE ON SONNY
┌▄──────────────────────────────────────────────────────────────────────▄┐
├■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀■[ YESWEHACK PROPHILE ON SONNY ]■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄■┤
├■──────────────────────────────────────────────────────────────────────■┤
├■▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀▄▀■┤
└▀──────────────────────────────────────────────────────────────────────▀┘

July 02, 2020.

╔══════════════════════════════════ WHOIS ═══════════════════════════════╗
║  Handle: SONNY                                                         ║
║  AKA: delta0ne                                                         ║
║  Age of your body: 30+                                                 ║
║  Produced in: UK                                                       ║
║  Active In: Proxying the world                                         ║
║  Superpowers: Jedi Mind Tricks                                         ║
║  Life in a sentence: I don't even see the code anymore                 ║
╚════════════════════════════════════════════════════════════════════════╝

QUOTES
╔════════════════════════════════════════════════════════════════════════╗
║  Try ' then '' then ''' then '''' ... and to be sure ''''''            ║
╚════════════════════════════════════════════════════════════════════════╝

ARMORY
╔════════════════════════════════════════════════════════════════════════╗
║  Burp Suite, Param Miner and Turbo Intruder (James Kettle is a legend!)║
║  Decent playlist                                                       ║
║  Right Click + Scan                                                    ║
╚════════════════════════════════════════════════════════════════════════╝

▀▄█▓▒░ Hello, who are you?
│ ──────────────────────────────────────────────────────────────────
└─ Hi, I'm a Security Researcher in Singapore looking to find tropical
   bugs!

▀▄█▓▒░ Do you remember your first contact with a computer?
│ ──────────────────────────────────────────────────────────────────
└─ Yeah, we're talking a while ago, the only thing I could do with it
   was play solitaire from a keyboard but damn... when you get all
   those cards jumping out at the end, no greater feeling.

▀▄█▓▒░ What will you learn next?
│ ──────────────────────────────────────────────────────────────────
└─ I'd like to try a proper deep dive on a project which can be done
   with a local install, I'm reading interesting writeups on Whitebox
   testing where they do some cool .tar uploads and exploit symlinks
   in a strange path, I want to be that guy.

▀▄█▓▒░ How did you come to Bug Bounty?
│ ──────────────────────────────────────────────────────────────────
└─ I have this bucket list of vulnerabilities that I wanted to find as
   I learned more about security and Bug Bounty provided a wider range
   of applications to find them. I'm ticking them off one by one but
   seriously why can't I find Template Injection ... I think it would
   bring me more joy than a direct RCE. A close friend of mine told me
   it's the ultimate personal reward in White hat Security, finding a
   bug which makes a company stop, listen and allocate resources to an
   issue you've found..
   a team of people likely on the other side of the world has to
   devote their time to read your report and fix it ASAP... I thought
   it was cool.

▀▄█▓▒░ You are active on YesWeHack and have practiced other BB platforms,
│      What are your Do/Don't?
│      What are your expectations?
│ ──────────────────────────────────────────────────────────────────
└─ == Do: ==
   - Always provide a well-structured report, this will likely be
     viewed by multiple people of different technical levels who
     ultimately decide if it's accepted or not. "ALERT(1) PLZ GIVE $"
     probably doesn't help... this is me a year ago.

   == Don't: ==
   - When a decision doesn't go your way, don't immediately respond
     with your complaint, take time to think about it from the program
     owner's perspective and reply with a detailed response/evidence
     to support your view. (If still no joy, focus on and get the next
     bug).

   == Expectations: ==
   - Communication from program teams goes a long way to entice me to
     look further, in terms of responding with detailed comments as to
     why something may not be accepted or an openness to discussion on
     impact/severity. (You give me time, I give you time)
   - What happened to all the Swag?

▀▄█▓▒░ What advice can you give to someone who wants to start in
│      bug bounty?
│ ──────────────────────────────────────────────────────────────────
└─ Burnout and being deterred from a hardened target is a factor
   everyone faces, even more so when you're first starting out. Going
   in with an alternative motivation that’s not based on making $ for
   yourself is important to keep spirits high. Whether it be learning
   more, competing with others (Bug Hunters/Devs) or that desire to
   find something so broken you can repurpose it into a beautiful
   exploit... that’s art. There is a huge surge in the community of
   people publishing regular blogs/techniques/live streams and tweets
   on everything around the security industry, diversify your news
   stream and particularly those outside of your spoken language too.
   You reading Vietnamese/Korean writeups? You should be!

▀▄█▓▒░ You have displayed an impressive skillset on YesWeHack public
│      programs, can you give away hints on your hunting methodology?
│ ──────────────────────────────────────────────────────────────────
└─ It's interesting how my methodology has developed, initially I was
   a messy hunter hitting wild card domains and relying on tools to
   reveal vulns only on the surface level, which was yielding results
   but it became a bit boring for me and I lost interest as I wasn't
   expressing any creativity. Right now I'm focussing on small to
   medium sized projects with the goal of understanding the
   functions/flows to a really fine detail, this is where the
   high-critical vulnerabilities are, they're more than likely missed
   by Scanners, Developers and Internal Auditors... it might take me a
   couple of weeks to find it but it's worth it.
   Protip: If you're not hunting for hidden parameters ...you should
   be...

▀▄█▓▒░ Is there a life AFK?
│ ──────────────────────────────────────────────────────────────────
└─ Right in the feels... Ask me next year

▀▄█▓▒░ What is the future?
│ ──────────────────────────────────────────────────────────────────
└─ I think the last few months have been pretty interesting in how the
   landscape of tech is changing, from an increase in telecommuting,
   development of apps built around supporting companies/people
   during a pandemic and overall digitalisation of industries which
   were slower to adapt. This feels like 10+ years of progress rushed
   in a few months to make it work, even well planned/tested
   applications have issues, so I have concerns but I hope that Bounty
   Hunting will play a role in securing these new avenues of tech and
   I'd like to help :)

--------[ EOF