Episode 113: In this episode of Critical Thinking - Bug Bounty Podcast we're breaking down the PortSwigger Top 10 from 2024. There are some bangers in here!
Follow us on X at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on X:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag!
====== Resources ======
Hijacking OAuth flows via Cookie Tossing
ChatGPT Account Takeover - Wildcard Web Cache Deception
CVE-2024-4367 - Arbitrary JavaScript execution in PDF.js
DoubleClickjacking: A New Era of UI Redressing
WorstFit: Unveiling Hidden Transformers in Windows ANSI
SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server
Middleware, middleware everywhere – and lots of misconfigurations to fix
====== Timestamps ======
(00:00:00) Introduction
(00:09:56) Hijacking OAuth flows via Cookie Tossing
(00:17:30) ChatGPT Account Takeover
(00:25:28) OAuth Non-Happy Path to ATO
(00:29:24) CVE-2024-4367
(00:37:37) DoubleClickjacking
(00:44:54) Exploring the DOMPurify library
(00:48:01) WorstFit
(00:56:29) Unveiling TE.0 HTTP Request Smuggling
(01:06:40) SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level
(01:14:05) Confusion Attacks