Blogs

Qualche mese fa ho comprato un Raspberry Pi 3 Model B, l’ho comprato per curiosità, per giocarci (letteralmente). Nelle settimane successive ho acquistato un piccolo schermo da 3,5 pollici, una powerbank e un paio di joystick (modello Nintendo SNES) e grazie al bellissimo progetto RetroPie ho trasformato il mio Raspberry in una console portatile di giochi retro. L’obiettivo di questo post è spiegare come configurare un Raspberry per poterlo usare tramite smartphone Android via connessione SSH, anche se il Raspberry non è connesso a nessuna rete wi-fi. ...

ZOHO Mail is a business mail that includes integrated calendar, contacts, notes, and tasks apps. Initially I was looking for a stored XSS in the webmail, but I did not find it so I started checking the other services. I wondered if it was possible to inject malicious code via attachments in ZOHO Notes. By attaching a local file it wasn’t, but in ZOHO Notes you can attach files from some cloud services: Google Drive, Dropbox, Box and Evernote. The XSS filters and protections worked well for the first three services, but not for Evernote. To my surprise it was possible to run javascript code in gadgets.zoho.eu via Evernote attachments. ...

This is my first public disclosure on HackerOne. It is a partial disclosure, but the summary is clear: there was a stored XSS in the image preview feature via crafted attachment filename. #275274 - touch.mail.ru/messages - Stored XSS 07/10/2017 - I send the report 11/10/2017 - The vulnerability is fixed and the bug bounty reward is 750$ 27/12/2017 - Public disclosure

In my own spare time I like to participate in the bug bounty programs. They are a hard challenge, but it is satisfying to find vulnerabilities in big companies. I usually look for XSS vulnerabilities, for this reason I have written a little python script to automate the search of XSS. XSSSonar is an open source tool to look for XSS vulnerabilities on a web page, it is written in Python 2.x for now, but I hope to rewrite it in Python 3.x. You can download it from the GitHub repository. ...