Skip to main content

Posts

Showing posts from December, 2018

Persistent XSRF on Kubernetes Dashboard using Redhat Keycloak Gatekeeper on Microsof Azure

tl;dr I found an  XSRF in the OAuth implementation of Redhat Keycloak Gatekeeper . This would be a bit worse for people using Gatekeeper to protect their Kubernetes Dashboard (especially in Microsof Azure). The Issue in Keycloak Gatekeeper Keycloak Gatekeeper is an OpenID Proxy service for Keycloak , an Identity and Access Management solution developed and opensourced by RedHat (now IBM).  Solutions like this are often used to protect things like Kubernetes Dashboard (unless you want to do like Tesla and expose your Kubernetes Dashboard unauthenticated to the internet ) and this (for the record) is why I came across to the issue. I will postpone a deeper analysis of the Kubernetes Dashboard to a future post. The issue is dead simple and I already talked about this several times . This was also  defined by Egor Homakov as the the Most Common OAuth2 Vulnerability (and it looks he was right :p) . Basically the Keycloak Gatekeeper   developers forgot to implement a  reall

Billion Laugh Attack in https://sites.google.com

tl;dr https://sites.google.com suffered from a Billion Laugh Attack vulnerability that made the containerized environment to crash with a single invocation. Introduction Few months ago I applied for a talk at a security conference titled So you wanna be a Bug Bounty Hunter but it was rejected :( . The reason behind it is that I have been on/off in the bug bounty business for a while as you can see here: Funny. Found in a forgotten drawer from the time I was a bug hunter :p #facebook #bug #bounty pic.twitter.com/Tt4saGZVLI — Antonio Sanso (@asanso) November 30, 2018 and I would have liked to share some of the things I have learned during th e se years (not necessary technical advises only). You can find a couple of these advises here: Rule #1 of any bug hunter is to have a good RSS feed list and here :  The rule #2 of any bug hunter is to DO NOT be to fussy with 'food' specifically with "left over" Today's rule is: The rule #3 of