
Spooky Bug!

BOO! 👻

If you haven’t noticed, the Bugcrowd logo kind of looks like a jack-o’-lantern 🎃, which is really convenient because it’s almost Halloween.

It’s going to be a great Halloween, I can feel it in my bones 🦴! If you haven’t noticed yet, my favorite thing about Halloween is that it gives me an excuse to drive everyone batty 🦇 by making excessive Halloween puns. They’re very humerus. I’ve also got some vampire puns, but they suck 🧛.

Anyway, the marketing team at Bugcrowd asked me to write about a spook-tacular bug that I’ve seen recently, so let’s get startled, shall we?

It was a cold and dreary night, the full moon was filtering through my blinds. I was up late, staring at my computer scream, when suddenly a new submission appeared in my triage queue. An SQL injection no less, the hallow-queen of all spooky bugs.

Validate it, I did. Crimson-colored text spurted across my screen, AAAAAHHHHH! PERSONALLY IDENTIFIABLE INFORMATION! A witch busted through my door, cackling as a lightning strike lit up her resting witch face. “That appears to be a blind SQL injection which can be used to pilfer customer data!” she said. I nodded. She was dead right 💀.

I got goosebumps, my hairs stood on end. My finger hovered over the P1 button, I clicked it.

“Phew, all triaged,” said the witch as she rode off on her broom 🧹. I took a deep breath and leant back in my chair, pleased with myself. Time for some pumpkin soup 🥣.

 

About the Author: Luke Stephens is a father, husband, hacker, pen tester, and full-time Application Security Engineer and Quality Assurance Training Manager at Bugcrowd.


Luke Stephens

Training and Quality Assurance Manager, Security Operations at Bugcrowd
