Critical Thinking – Bug Bounty Podcast
Episode 27: In this episode of Critical Thinking - Bug Bounty Podcast, we've switched places and now Joel is home while Justin is on the move. We break down seven esoteric web vulnerabilities, and talk Cookies, Config File Injections, Client-side path traversals and more. We also briefly discuss appliance hacking, new tools, and shout out some new talent in the hacking space. Don't miss this episode full of cool vulns, and experience Justin's vocal decline in real time.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Encrypted Doesn't Mean Authenticated:
https://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/
Tweet about headless chrome browser
https://twitter.com/bhavukjain1/status/1678719047209484288?t=NWnZvwHTRMyH_lVC-uXe0g&s=19
Shout out to new talent within the hacking space
Tweet about hacking Google Search Appliance
https://twitter.com/orange_8361/status/1677378401957724160
Bitquark releases shortscan
https://twitter.com/bitquark/status/1677647450989838338
Hacking Starbucks
https://samcurry.net/hacking-starbucks/
Justin's CookieJar Tool
https://apps.rhynorater.dev/checkCookieJarOverflow.html
HackTricks
https://book.hacktricks.xyz/pentesting-web/hacking-with-cookies/cookie-jar-overflow
XSLeak
Timestamps:
(00:00:00) Introduction
(00:04:00) Assetnote on ShareFile RCE
(00:13:05) Headless Browsers
(00:17:00) Hacker Content Creators
(00:22:51) Appliance Hacking
(00:30:31) Shortscan Release
(Start of main content)
(00:35:39) Config File Injection
(00:44:00) Client-side Path Traversal
(00:51:33) Cookie Bombing
(00:58:00) Cookie Jar Overflow
(01:03:50) XSLeak
(01:10:49) UNC Path Injection
(01:15:50) Impactful Link Hijack