Thanks for the TOC with clear headers and timestamps! I wish more channels did this with their videos.
Thanks! I usually aim to do it on longer content.
Amazing content !
Appreciate it!
Very informative. I do not know if it is possible for you, but you could run down the 5 worst reports you see as a triager, how they could have been improved, and what the real impact could be. I am not sure whether you are actually working as a triager or not, but hopefully you got my point.
So I kind of work as a triager - I manage the Bugcrowd team. I'm often on queue though! I have a video in mind for it, but there's some other content others are working on that hits on this first and I'm waiting until that's out so I don't step on any toes. I recommend watching Nahamcon - reporting content there!
@codingo good to know! Thanks a lot for the consideration.
Really helpful video. I'm gonna spend more time learning how to use Autorize; it seems to be an extension all pros use.
Great to hear! I think so - going to do a video on it soon.
Really great content. Definitely got some value out of this one.
Glad to hear it!
Just a question:
What about sending a username and password in a GET request over HTTPS? Is it a vulnerability or not?
Depends on a few factors, mostly cache headers. Basically - think back to "as an attacker I could" - if there's no cache headers, you could get that information from cache later. In general, yes, likely reportable.
@codingo thanks for the information
I think it's a vulnerability because per HTTP spec user agent *history* mechanism is different from *cache* and even if the server responds with "no-store" to avoid caching, the GET URL may still be included in the history even if the response is not stored in the cache.
However, if the expected use case is that end users save user name and password in their browser and the browser doesn't require password to decrypt keyring, there's no additional risk in practice.
I wouldn't send any true secrets (e.g. user defined password) over HTTP GET.
@MikkoRantalainen got NA 😂😂
Good job! Thanks.
Thank you!
Thanks for clarification on these bugs 😀
Any time!
Great as always!
Thank you! Cheers!
How much time do we need to wait regarding session management bugs, like 1 hour or 6 hours, to check?
As a general rule, over 30 mins would suffice. It's not typically awarded on bounty programs, however.
@codingo ohh thanks for the info
Thank you very much for this informative video.
Glad it was helpful!
Great video
Thanks!
Thanks for the content! :D
My pleasure!
Quality content as always
Appreciate it! Thank you!
Awesome!
Thanks!
Hmm my favorite bugs
and I was searching for pentesterlab code
There's one.. more subtle, got to watch the content to find it :)
@codingo before even seeing it in full it got away, please make it a little slower next time
No codes ?
There is one in here :)
3
2nd
First :3
Am I first? :P
Fourth :o
People are faster than me 🤦🏽‍♂️ + it's midnight 😂 Time is against me too.