Pages on Willis Vandevanter

On paper, it was a default password issue 🤷. In practice, it was an application that was packaged with many products that allowed trivial RCE out of the box and a nice metasploit module.
SAP Advisory 1432881

FCKEditor.NET File Upload Code Execution

Selected Bug Bounties

I have had a mixed experience with bug bounties. I think in total I have received a bounty or Hall of Fame from 40+ companies; not a ton but enough to see some of the good and bad. Below are some programs I really enjoyed participating with.

AT&T

Top 50 hacker at one point.

Bugcrowd MVP 2018

2019 I had the points and bugs, but one of the programs unfairly gave me a negative rating which dropped me below the threshold. As you can tell, I am still salty 👷.

Mozilla

I believe I had the highest payout for a Web bounty up to that point.

Tesla HP

I had a handful of critical bugs in devices including RCE but the details are unfortunately private.

IBM Slack

Presentations + Trainings

Mon, 16 May 2022 00:00:00 +0000

OWASP Global AppSec 2024

GraphQL Exploitation: Secondary Context Attacks and Business Logic Vulnerabilities

Defcon Recon Village 2024

Bypassing WHOIS Rate Limiting & Tracking Fresh Domains

Las Vegas BSides 2024

Bypassing WHOIS Rate Limiting & Tracking Fresh Domains

Black Hat USA Trainings 2019 (Accepted)

“The Web Application Hacker Level-Up Lab”
- Unfortunately we couldn’t fill the class in Las Vegas. It was delivered in Buenos Aires instead with the help of Include Security. Thank you!

OWASP Maine

Best Fit Mapping Attacks

Pluralsight Training 2017

Video: “Writing Penetration Testing Reports”

Pluralsight Training 2016

Video: “External Footprinting: Reconnaissance and Mapping”

Black Hat USA Arsenal 2016

Overview: “SERPICO”

Black Hat USA 2015

Video: “Exploiting XXE in File Upload Functionality”

Black Hat Webcast November, 2015

Webinar: “Exploiting XXE in File Upload Functionality”
- The webinar was updated to include more file types; PDF, JPG, and GIF

BeaCon 2015

“Building (Simple) Fuzzing Scripts from Wireshark Dissectors”

Black Hat USA Arsenal 2015

Overview: “SERPICO”

Black Hat Europe 2014

Video/Slides: “Blended Web and Database Attacks on Real-Time, In-Memory Platforms”
- I couldn’t make the talk unfortunately.

Troopers 2014

Video: “Hiding the breadcrumbs: Anti-forensics on SAP systems”
- Really fun presentation on hiding actions in SAP

Troopers 2014

Video: “SAP BusinessObjects Attacks: Espionage and Poisoning of Business Intelligence platforms”
- Another round of BO research, quite a few advisories came from this.

BlackHat Arsenal 2014

Overview: “SERPICO”

Rapid7 Whiteboard Wednesday

Post/Video: “There’s a Hole in 1,951 Amazon S3 Buckets”

Defcon Skytalks 20 (2012)

“Interface Puncher”
- This talk focused on fingerprinting web applications and bruteforcing credentials. Cool idea, but didn’t really take off.

Defcon 19 (2011)

Video: “Metasploit vSploit Modules”
- Joint presentation with Marcus Carey and David Rude. Awesome idea and fun work. Presentation wasn’t great though.

Defcon Skytalks Las Vegas 2011

“Distributed Denial of Service Attacks for Whitehats”
- Focused on testing DoS mitigations in place from vendors. Unfortunately can’t find the slides or video.

BSides Las Vegas 2011

“Distributed Denial of Service Attacks for Whitehats”
- Focused on testing DoS mitigations provided by vendors. Unfortunately can’t find the slides or video.

OWASP AppSec USA 2010

Video: “Hacking SAP Businessobjects”

SOURCE Barcelona 2010

Video: “Hacking SAP Businessobjects”

About this site

Sun, 15 May 2022 00:00:00 +0000

“Always Student, Never Master”

I use this site to publish technical content.

Search

Mon, 01 Jan 0001 00:00:00 +0000

Pages on Willis Vandevanter

Advisories

Selected Bug Bounties

Presentations + Trainings

OWASP Global AppSec 2024

Defcon Recon Village 2024

Las Vegas BSides 2024

Black Hat USA Trainings 2019 (Accepted)

OWASP Maine

Pluralsight Training 2017

Pluralsight Training 2016

Black Hat USA Arsenal 2016

Black Hat USA 2015

Black Hat Webcast November, 2015

BeaCon 2015

Black Hat USA Arsenal 2015

Black Hat Europe 2014

Troopers 2014

Troopers 2014

BlackHat Arsenal 2014

Rapid7 Whiteboard Wednesday

Defcon Skytalks 20 (2012)

Defcon 19 (2011)

Defcon Skytalks Las Vegas 2011

BSides Las Vegas 2011

OWASP AppSec USA 2010

SOURCE Barcelona 2010

About this site

Archives

Search