This video is an explanation of bug bounty report submitted by 17-years-old Robert Chen and 14-years-old Phillip on Hackerone to Github’s private bug bounty program. The vulnerability was CRLF combined with XSS and cache poisoning that allowed reading private pages. It was paid out $35,000.
✉️ Sign up for the mailing list ✉️
☕️ Support my channel ☕️
🖥 Get $100 in credits for Digital Ocean 🖥
✎Sign up for Pentesterlab from my referral✎
Follow me on twitter:
00:24 What is BBRE newsletter?
01:10 Github Pages auth flow
02:33 XSS by CRLF
04:57 Bypassing Nonce and __Host cookie
08:44 Cache poisoning
09:49 Attacking from outside the org