Episode 61: A Hacker on Wall Street - JR0ch17
Critical Thinking - Bug Bounty Podcast7 Maalis 2024

Episode 61: A Hacker on Wall Street - JR0ch17

Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his methodology for discovering OAuth-related bugs, highlights some differences between structured learning and self-teaching, and then walks us through a couple arbitrary ATO’s and SSTI to RCE bugs he’s found lately.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest: Jasmin Landry

https://twitter.com/JR0ch17

Resources:

Dirty Dancing blog post

https://labs.detectify.com/writeups/account-hijacking-using-dirty-dancing-in-sign-in-oauth-flows/

OAuth 2.0 Threat Model and Security Considerations

https://datatracker.ietf.org/doc/html/rfc6819

OAuth 2.0 Security Best Current Practice

https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics

Timestamps:

(00:00:00) Introduction

(00:02:20) Meta Tag + DomPurify Bug

(00:09:36) Jasmin's Origin story

(00:28:23) Full time Bug bounty challenges

(00:36:57) Career jumps in Security and current Role

(00:47:32) OAuth Bug methodology and cool bug stories

(01:02:35) Social Engineering and Bug Bounty

(01:13:41) Arbitrary ATO bug

(01:19:41) SSTI to RCE bug

Jaksot(161)

Episode 25: 2xMVH & Multi-million dollar hacker Inhibitor181

Episode 25: 2xMVH & Multi-million dollar hacker Inhibitor181

Episode 25: In this episode of Critical Thinking - Bug Bounty Podcast we talk to Cosmin (@Inhibitor181), fresh off of winning his 2nd MVH! We chat about the time management and strategy of hacking Mul...

29 Kesä 20231h 11min

Episode 24: AI + Hacking with Daniel Miessler and Rez0

Episode 24: AI + Hacking with Daniel Miessler and Rez0

Episode 24: In this episode of Critical Thinking - Bug Bounty Podcast, we chat with Daniel Miessler and Rez0 about the emergence and potential of AI in hacking. We cover AI shortcuts and command line ...

22 Kesä 20231h 3min

Episode 23: Hacker Loadouts

Episode 23: Hacker Loadouts

Episode 23: In this episode of Critical Thinking - Bug Bounty Podcast, we delve into a different aspect of hardware - Our personal loadouts. We go through the equipment and gear we use to get our jobs...

15 Kesä 20231h 14min

Episode 22: Chipping Away at Hardware Hacking

Episode 22: Chipping Away at Hardware Hacking

Episode 22: In this episode of Critical Thinking - Bug Bounty Podcast we talk about some basic/intermediate concepts related to Hardware Hacking. Specifically, we dive into extracting data from eMMC c...

8 Kesä 20231h 11min

Episode 21: Chill Chat with Legendary DoD Hacker Corben Leo

Episode 21: Chill Chat with Legendary DoD Hacker Corben Leo

In this episode of Critical Thinking - Bug Bounty Podcast, we chat with Corben Leo about his journey in bug bounty hunting and ethical hacking. We discuss the state of DNS rebinding in 2023, a Twitter...

1 Kesä 20231h 13min

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into the world of "hacker brain hacks'' and overcoming challenges in bug bounty hunting. We discuss custom word lists, th...

25 Touko 20231h 6min

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: In this episode of Critical Thinking - Bug Bounty Podcast we further discuss some tips and tricks for finding vulns once you’ve got source code and some banger tweets/tools that popped up ...

18 Touko 202353min

Episode 18: Audit Code, Earn Bounties

Episode 18: Audit Code, Earn Bounties

Episode 18: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into everything source-code related: how to get source-code and what to do with it once you have. This episode is packed ...

11 Touko 20231h 6min