$20,000 RCE in GitLab via 0day in exiftool metadata processing library CVE-2021-22204
HTML-код
- Опубликовано: 15 июл 2024
- ✉️ Get the 6th issue of the newsletter: mailing.bugbountyexplained.com/6
📧 Subscribe to BBRE Premium: bbre.dev/premium
📣 Follow me on Twitter: bbre.dev/tw
🖥 Get $100 in credits for Digital Ocean 🖥
m.do.co/c/cc700f81d215
This video is an explanation of bug bounty report submitted to GitLab by William Bowling. The vulnerability was a remote code execution by a malicious image metadata. The bug existed in exiftool library and was assigned CVE-2021-22204.
Report:
hackerone.com/reports/1154542
devcraft.io/2021/05/04/exifto...
Reporter's twitter:
/ wcbowling
Follow me on twitter:
/ gregxsunday
Timestamps:
00:00 Intro
00:54 What is metadata?
02:41 How exiftool handled \"
06:16 The exploit Наука
Hi you! Welcome to the comment section. I hope you liked the video😏
Sign up for BBRE newsletter here to receive the next premium issue for free: mailing.bugbountyexplained.com/
Amazingly explained as usual! To think that one tiny detail (i.e. $ being end of string of a newline char) was the course of a 0-day. Didn't even know that simple detail about $ myself but will definitely use it from here on out. Just shows how important regex knowledge is when it comes to bug hunting
Amazingg content as usual! makes you think about how many other vulnerabilities exisit
Thank you
wow thnks man
jeez Regex bugs are really something when it comes to critical vulnerability! Yet I couldn't get my head around the complexity of the Regex rules 😂. anyways great video really well explained 👌👌
yeah regexes are everywhere. They are not as hard as they seem and it's worth the time to learn them
@@BugBountyReportsExplained yes I am trying my best, but I wanna ask you if you know of any online labs that offer online labs of vulnerable Regex apps cuz I tend to learn from online labs more
@@ahmadshami5847 I think you should do normal regex lessons and once you understand them you will be able to find vulnerable regexes in many different vuln classes
@@BugBountyReportsExplained okay cool thanks man 👌
Good bro
Straight above the head
Could you scale the screenshoot to whole screen. It will be useful for mobile watching. Thx
yes, thx for the suggestion
How i can learn bug bouty zero to advanceed? u pass path?
Be optimized or you will fail