Episode 28: Surfin' with CSRFs
Critical Thinking - Bug Bounty Podcast20 Heinä 2023

Episode 28: Surfin' with CSRFs

Episode 28: In this episode of Critical Thinking - Bug Bounty Podcast, the CSRF’s up, dude! We kick off with a debate about whether or not deep link vulns in mobile apps can be considered CSRF. We also talk browser extensions and tools like Hackbar, PwnFox, and JS Weasel, and Justin tries to invent a whole new vuln term. There’s plenty of good stuff here, so what are you waiting for? Jump on in!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

rez0's latest tip

https://twitter.com/rez0__/status/168134822190014466019

Hackbar

https://addons.mozilla.org/en-US/firefox/addon/hackbartool/

PwnFox

https://twitter.com/adrien_jeanneau/status/1681364665354289152

JS Weasel

https://www.jswzl.io/

Charlie Eriksen

https://twitter.com/CharlieEriksen

Link to talk by Rojan

https://twitter.com/uraniumhacker/status/1681381857383030785

Bypassing GitHub's OAuth flow

https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html

Great SameSite Confusion

https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/

Check out Nahamsec's Channel

https://www.youtube.com/c/nahamsec

Timestamps:

(0:01:45) The deep link debate

(00:08:00) LHE and in-person interviews

(00:09:25) SQLMAP and raw requests

(00:11:11) Hackbar, PwnFox, and browser extensions

(00:16:45) JS Weasel tool and its features

(00:25:28) Rojan's Research and Public Talks

(Start of main content)

(00:28:36) Cross-Site Request Forgery (CSRF)

(00:35:00) Bypassing GitHub's OAuth flow

(00:45:00) A Small SameSite Story

(00:48:50) CSRF Exploitation Techniques

(01:07:15) CSRF Bug Stories

(01:15:30) NahamSec and DEFCON

Jaksot(161)

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surroundin...

12 Helmi 24min

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & ...

5 Helmi 45min

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with the Google Cloud VRP Team to deep-dive policy and reward changes, what the panel process looks like, and how to ...

29 Tammi 1h 46min

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 ...

22 Tammi 58min

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitte...

15 Tammi 1h 34min

Episode 156: Chill AMA from bugbounty.forum

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas an...

8 Tammi 1h 23min

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow u...

1 Tammi 1h 32min

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the c...

25 Joulu 202541min