
Unable to fetch complete data about bbscope (closed)

sw33tlie commented on July 27, 2024
Unable to fetch complete data

from bbscope.

Comments (3)

sw33tLie commented on July 27, 2024

Hi there,
thanks for raising this issue.
You're right, and yes it's because of the different formatting of the scope (honestly, I blame HackerOne for this 🙃 ).
A while ago I added the --descToo flag as an attempt to mitigate this but it looks like that flag isn't helpful here either...
I need to think about a proper way to deal with these edge cases...exporting everything from a program as json (#2) then grepping might be a good workaround 🤔
If you have any suggestions, feel free to write below.

from bbscope.

rudraimmunefi commented on July 27, 2024

Thanks for coming back, I believe notifying users about such programs is crucial as they are missing major targets unless anything is figured out.

As of now, updating the Description should be done to make the users aware of such things.

from bbscope.

sw33tLie commented on July 27, 2024

Hi there,
I took a closer look and figured out what's actually wrong.
Using the --proxy flag to send all requests through Burp I saw this:

{"node":{"id":"Z2lkOi8vaGFja2Vyb25lL1N0cnVjdHVyZWRTY29wZS80MDQxOA==","asset_type":"OTHER","asset_identifier":"Ext. A Scope","rendered_instruction":"\u003cp\u003eProductivity, e-commerce, B2B projects at \u003ccode\u003e*.mail.ru\u003c/code\u003e,  \u003ccode\u003e*.my.com\u003c/code\u003e and some dedicated project domains, including \u003ccode\u003ecorp.mail.ru\u003c/code\u003e,  \u003ccode\u003erb.mail.ru\u003c/code\u003e, \u003ccode\u003etop.mail.ru\u003c/code\u003e, \u003ccode\u003emoney.mail.ru\u003c/code\u003e, \u003ccode\u003etbank.mail.ru\u003c/code\u003e, \u003ccode\u003ecombo.mail.ru\u003c/code\u003e, \u003ccode\u003eapinotify.mail.ru\u003c/code\u003e, \u003ccode\u003eblog.mail.ru\u003c/code\u003e, \u003ccode\u003etarget.my.com\u003c/code\u003e, \u003ccode\u003etracker.my.com\u003c/code\u003e, \u003ccode\u003etarantool.io\u003c/code\u003e, \u003ccode\u003eyoula.ru\u003c/code\u003e, \u003ccode\u003epandao.ru\u003c/code\u003e, \u003ccode\u003eam.ru\u003c/code\u003e, \u003ccode\u003egibdd.mail.ru\u003c/code\u003e, \u003ccode\u003ehelp.mail.ru\u003c/code\u003e except delegated and externally hosted domains and branded partner services.\u003c/p\u003e\n\n\u003cp\u003e\u003cmark\u003eExtended scope only awards critical serverside vulnerabilities, if vulnerability compromises the infrastructure (e.g. RCE, SQLi, LFR, SSRF, etc) or data outside of project\u0026#39;s scope (e.g. personal information)  via serverside vector.\u003c/mark\u003e\u003c/p\u003e\n\n\u003cp\u003eClientside vulnerabilities (XSS, CSRF) and business logic specific bugs, including privilege escalations within the product are accepted without bounty. \u003cbr\u003e\n\u003cmark\u003eMitM and local attacks, user enumeration on registration/recovery, open redirections, insufficient session expiration, cookies working after logout etc are not accepted\u003c/mark\u003e unless there are additional vectors identified (e.g. ability to steal the session token via remote vector for open redirection).\u003c/p\u003e\n","max_severity":"critical","eligible_for_bounty":true},"cursor":"NQ"},

The --descToo flag is actually useful here, but as you can see these assets are marked as asset_type=OTHER, while you only selected the url category.
To be sure to cover all cases, it's a good idea to select all categories.
I still blame h1 here, but you're right, adding a warning in the readme to make everyone understand these scenarios is a good idea 😃

from bbscope.
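The behaviour described in the last comment, as an added Go example that is not bbscope's code: a simplified, hypothetical model showing that a category filter applied before the description scan drops OTHER assets even when description parsing is on. The JSON field names follow the captured response above; `Targets`, `hostRe`, the `"URL"` asset type value and the placeholder hosts are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
)

// Constructed sample shaped like the captured response; hosts are placeholders.
const sample = `[
{"node":{"asset_type":"URL","asset_identifier":"app.example.com","rendered_instruction":""}},
{"node":{"asset_type":"OTHER","asset_identifier":"Ext. A Scope","rendered_instruction":"\u003cp\u003eProjects at \u003ccode\u003e*.example.org\u003c/code\u003e, including \u003ccode\u003ecorp.example.org\u003c/code\u003e and \u003ccode\u003eexample.net\u003c/code\u003e.\u003c/p\u003e"}}
]`

type edge struct {
	Node struct {
		AssetType   string `json:"asset_type"`
		Identifier  string `json:"asset_identifier"`
		Instruction string `json:"rendered_instruction"`
	} `json:"node"`
}

// hostRe pulls host-like tokens (optionally wildcarded) out of free text.
var hostRe = regexp.MustCompile(`(?i)(\*\.)?([a-z0-9-]+\.)+[a-z]{2,}`)

// Targets (hypothetical) filters by asset_type first, then scans the description if descToo is set.
func Targets(raw string, categories map[string]bool, descToo bool) ([]string, error) {
	var edges []edge
	if err := json.Unmarshal([]byte(raw), &edges); err != nil {
		return nil, err
	}
	var out []string
	for _, e := range edges {
		if !categories[e.Node.AssetType] {
			continue // OTHER never reaches the description scan when only URL is selected
		}
		text := e.Node.Identifier
		if descToo {
			text += " " + e.Node.Instruction
		}
		out = append(out, hostRe.FindAllString(text, -1)...)
	}
	return out, nil
}

func main() {
	urlOnly, _ := Targets(sample, map[string]bool{"URL": true}, true)
	all, _ := Targets(sample, map[string]bool{"URL": true, "OTHER": true}, true)
	fmt.Println("url only:", urlOnly, "url+other:", all)
}
```

With only the URL category selected the three hosts named in the OTHER asset's description are absent from the result; selecting both categories with description parsing on returns all four.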
