#29

A tool to find bugs in WordPress plugins

As many of you already know, recently, I migrated BBRE Premium to a new platform that runs on WordPress. The way problems are solved here is by installing more plugins. And then even more. And I am very interested in their security. One day, I just took a quick look...

Java’s fantastic URL class

Do you think these URLs are equal to each other? I would also say they are not, but Java has a different opinion on it. Turns out that for Java’s URL class, two URLs are equal if they resolve to the same IP addresses. This just sounds so bad. As per replies under...

Trailing dot domain bypasses

Last week, I published a video on YouTube about my $1,500 bug in Stripe. It was a domain denylist bypass in a tool that is supposed to prevent SSRFs. https://youtu.be/Ga9o--v-grA The trick I used there was a trailing dot - I shared it in BBRE Premium before: 10...

Deserialisation explained

Deserialisation was one of the bug classes that I didn’t understand for a long time, yet I thought it was a very good, advanced technique. You know, it has a cool name and usually results in an RCE. One of you suggested this topic to me on our Discord, so here it is! Let’s...

Finding bugs that others miss

I miss bugs. You miss bugs. Everyone misses bugs. Just most often, we don’t even know that. But why do we miss bugs? This is the question that James Kettle is trying to answer in his talk called Hunting Evasive Vulnerabilities: Finding Flaws That Others Miss. Here are...