MonkeHacks #40
Generalising, Threat Modelling, and Documenting
The temperature dropped sharply in Scotland this week - it’s just above freezing now. I had a pretty busy weekend hosting some friends from Ireland, and moving the rest of my stuff to my new place. I can already sense the expensive heating bill this winter.
I pivoted from focusing only on client-side bugs to looking for more general bugs again. The rationale was that I realised focusing only on client-side was kind of stupid, because not all targets are vulnerable to these kinds of attacks. So now it’s back to being another weapon in the hacking arsenal, but a very developed one. The best hacker is the hacker who has mastered many different niches, because that’s when you can start blurring the boundaries between different areas and combining your knowledge in new ways to pop some really innovative bugs.
Also, no cover photo this week because I forgot to take photos. Next week! I might start taking these cover photos with my camera to spruce up this newsletter a bit. Also, I have started using Bluesky a lot more. The community over there is more vibrant than I thought it would be!
Reminder to some of you hackers that Christmas is coming up. Best to get some extra hacking done now to cover the cost of Christmas presents.
Weekly Ideas / Notes
I analysed my own workflow again, which has developed significantly since I first began this newsletter. I concluded that aside from time spent, the main bottleneck was that I simply wasn’t threat modelling applications properly before trying to hack them. I’m not lacking in creativity, just time spent, experience and threat modelling properly.
Thanks to Critical Thinking for having the resources that allowed me to notice this shortcoming of mine.
I applied this mentality immediately to one of my more difficult programs and found a business logic issue very quickly, so this was definitely what I was missing. I tend to rush things a bit, so taking my time with hacking has really helped.
One of my lifelong goals has been to direct a documentary. I have a very very specific idea of the atmosphere and style of such a documentary. Doing so about the hacking community and hacking space would be really fun - I want to bring the various characters in the hacking space to life. However, the effort and money needed to pull off something like this is beyond me right now, so for now this remains an idea. If anyone wants to contribute to this idea or take it in some actionable direction, reach out!
I decided to focus on one program again - one of my private programs on HackerOne. To paraphrase some hackers: “lows and mediums pay the bills”. Hopefully I can set myself up for the next few months this way.
Resources
Exploring the DOMPurify library: Bypasses and Fixes: Excellent technical blog post from Kevin Mizu.
Sketchy Cheat Sheet - Story of a Cloud Architecture Diagramming Tool gone wrong: A very nice bug on Google.
Exploring Javascript events & Bypassing WAFs via character normalization: Looking at WAFs and events. Excellent breakdown of various events in JS.