Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition
Critical Thinking - Bug Bounty Podcast22 Helmi 2024

Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition

Episode 59: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. We talk through things like HTML injection, image injection, CRLF injection, web cache deception, leaking window location, self-stored XSS, and much more.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources:

Even Better

NahamSec's 5 Week Program

NahamCon News

CSS Injection Research

Timestamps:

(00:00:00) Introduction

(00:03:31) Caido's New Features

(00:15:20) Nahamcon News and 5 week Bootcamp and pentest opportunity

(00:19:54) HTML Injection, CSS Injection, and Clickjacking

(00:33:11) Image Injection

(00:37:19) Open Redirects, Client-side path traversal, and Client-side Open Redirect

(00:49:51) Leaking window.location.href

(00:57:15) Cookie refresh gadget

(01:01:40) Stored XXS

(01:09:01) CRLF Injection

(01:13:24) 'A Place To Stand' in GraphQL and ID Oracle

(01:18:23) Auth gadgets, Web Cache Deception, & LocalStorage poisoning

(01:27:46) Cookie Injection & Context Breaks

Jaksot(162)

Episode 18: Audit Code, Earn Bounties

Episode 18: Audit Code, Earn Bounties

Episode 18: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into everything source-code related: how to get source-code and what to do with it once you have. This episode is packed ...

11 Touko 20231h 6min

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: In this episode of Critical Thinking - Bug Bounty Podcast we talk with five legendary hackers about some of their favorite bugs. Live. From LA.Corben Leo “Lorben CEO” @hacker_Sam “ZLZ” “ZO...

4 Touko 202347min

Episode 16: The Hacker's Toolkit

Episode 16: The Hacker's Toolkit

Episode 16: In this episode of Critical Thinking - Bug Bounty Podcast we talk about the hacker’s toolkit. Joel and Justin talk about their VPS setup, go-to hacking tools, most often used Linux command...

20 Huhti 20231h 17min

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: In this episode of Critical Thinking - Bug Bounty Podcast we talk with the latest Million-Dollar bug bounty hunter: @naglinagli . He talks about his climb from $1,000 in bounties to $1,000...

13 Huhti 20231h 8min

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.Follow us...

6 Huhti 20231h 21min

Episode 13: How to Find a Good BBP + Acropalypse + ZDI

Episode 13: How to Find a Good BBP + Acropalypse + ZDI

Episode 13: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to determine if a bug bounty program is good or not from the policy page. We also cover some news including Acro...

30 Maalis 20231h 16min

Episode 12: JHaddix on Hacker->Hacker CISO, OG Hacking Techniques, and Crazy Reports

Episode 12: JHaddix on Hacker->Hacker CISO, OG Hacking Techniques, and Crazy Reports

Episode 12: In this episode of Critical Thinking - Bug Bounty Podcast we talk with Jason Haddix about his eclectic hacking techniques, Hacker -> Hacker CISO life, and some crazy vulns he found. This e...

23 Maalis 20231h 46min

Episode 11: CV$$, Web Cache Deception, and SSTI

Episode 11: CV$$, Web Cache Deception, and SSTI

Episode 11: In this episode of Critical Thinking - Bug Bounty Podcast we talk about CVSS (the good, the bad, and the ugly), Web Cache Deception (an underrated vuln class) and a sick SSTI Joel and Fish...

16 Maalis 20231h 3min