Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff
Critical Thinking - Bug Bounty Podcast6 Huhti 2023

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Joel’s Alternative to UberTooth One:

https://www.amazon.com/Bluetooth-UD100-G03-Exchangeable-Bluesoleil-Microsoft/dp/B0161B5ATM

D3monDev’s Burp VPS Plug-in:

https://github.com/d3mondev/burp-vps-proxy

FireProx:

https://github.com/ustayready/fireprox

Joel’s Universal SSL De-pinning Frida Script:

https://gist.github.com/teknogeek/4dc35fb3801bd7f13e5f0da5b784c725

Command-line Fuzzy Finder:

https://github.com/junegunn/fzf

Justin’s two article recommendations for using Frida:

https://tinyurl.com/5n94d6ry

https://tinyurl.com/yfy3n5f5

Copy screen of physical device:

https://tinyurl.com/ymdrscm5

Flipper:

https://flipperzero.one/

BetterCap BLE Module:

https://www.bettercap.org/modules/ble/

Timestamps:

(00:00:00) Intro

(00:00:55) Hacker Chats

(00:03:27) Podcast Content Commentary

(00:04:09) SSRF Rebinding Error Confession

(00:06:02) Flipper Zero

(00:07:58) Bettercap BLE

(00:09:36) Sena USB Bluetooth Adapter

(00:12:41) Burp VPS Proxy Plugin

(00:13:55) Fireprox

(00:15:40) Dynamic Mobile Hacking

(00:17:40) Dynamic Analysis Overview

(00:18:18) Emulator Talk

(00:24:29) Joel’s APK Analysis Flow

(00:26:30) Cert Pinning

(00:32:17) Joel’s SSL Cert Pinning Script

(00:35:29) Hands-on look at Frida

(00:50:11) Frida on Non-rooted Devices

(00:58:22) Tracing Errors to Overwritable Functions

(01:00:39) Native Libraries

(01:09:18) GenyMobile Screen Mirroring Tool

(01:11:50) Justin’s Report of the Day and Custom SSL Pinning

(01:18:15) Joel’s First Ever Bug, Jailbreak Detection Bypass

Jaksot(161)

Episode 113: Best Technical Takeaways from Portswigger Top 10 2024

Episode 113: Best Technical Takeaways from Portswigger Top 10 2024

Episode 113: In this episode of Critical Thinking - Bug Bounty Podcast we’re breaking down the Portswigger Top 10 from 2024. There’s some bangers in here!Follow us on X at: https://x.com/ctbbpodcastGo...

6 Maalis 20251h 29min

Episode 112: Interview with Ciarán Cotter (MonkeHack) - Critical Lab Researcher and Full-time Hunter

Episode 112: Interview with Ciarán Cotter (MonkeHack) - Critical Lab Researcher and Full-time Hunter

Episode 112: In this episode of Critical Thinking - Bug Bounty Podcast Joseph Thacker is joined by Ciarán Cotter (Monke) to share his bug hunting journey and give us the rundown on some recent client-...

27 Helmi 20251h 7min

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Episode 111: How to Bypass DOMPurify in Bug Bounty with Kevin Mizu

Episode 111: In this episode of Critical Thinking - Bug Bounty Podcast Justin interviews Kevin Mizu to showcase his knowledge regarding DOMPurify and its misconfigurations. We walk through some of Kev...

20 Helmi 20251h 49min

Episode 110: Oauth Gadget Correlation and Common Attacks

Episode 110: Oauth Gadget Correlation and Common Attacks

Episode 110: In this episode of Critical Thinking - Bug Bounty Podcast we hit some quick news items including a DOMPurify 3.2.3 Bypass, O3 mini updates, and a cool postLogger Chrome Extension. Then, w...

13 Helmi 202549min

Episode 109: Creative Recon - Alternative Techniques

Episode 109: Creative Recon - Alternative Techniques

Episode 109: In this episode of Critical Thinking - Bug Bounty Podcast we start off with a quick recap of some of the DeepSeek Drama that’s been going down, and discuss AI in CAPTCHA and 2FA as well. ...

6 Helmi 20251h 1min

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-de...

30 Tammi 20251h 31min

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: Bypassing Cross-Origin Browser Headers

Episode 107: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph are tackling the subject of cross-origin security headers. They also cover some news items including Google’s O...

23 Tammi 20251h 6min

Episode 106: Announcing our new cohost...

Episode 106: Announcing our new cohost...

Episode 106: In this episode of Critical Thinking - Bug Bounty Podcast we are pleased to announce our new co-host of the podcast: Joseph Thacker Aka Rez0! We discuss Joseph's transition to full-time b...

16 Tammi 202558min