Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types
Critical Thinking - Bug Bounty Podcast23 Touko 2024

Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types

Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and IPv6 Addresses, the NextJS SSRF, the PDF.JS PoC drop, and a GitHub Enterprise Indirect Method Information bug. Also, we have an attack vector featured from Monke!

Follow us on twitter at: @ctbbpodcast

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today's Sponsor - Project Discovery: https://nux.gg/podcast

Resources:

PDF.JS Bypass to XSS

https://github.com/advisories/GHSA-wgrm-67xf-hhpq

https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/

PDFium

NextJS SSRF by AssetNote

Better Bounty Transparency for hackers

Slonser IPV6 Research

Smuggling payloads in phone numbers

Automatic Plugin SQLi

DomPurify Bypass

Bug Bounty JP Podcast

Github Enterprise send() bug

https://x.com/creastery/status/1787327890943873055

https://x.com/Rhynorater/status/1788598984572813549

Timestamps:

(00:00:09) Introduction

(00:03:20) PDF.JS XSS and NextJS SSRF

(00:12:52) Better Bounty Transparency

(00:20:01) IPV6 Research and Phone Number Payloads

(00:28:20) Community Highlight and Automatic Plugin CVE-2024-27956

(00:33:26) DomPurify Bypass and Github Enterprise send() bug

(00:46:12) Caido cookie and header extension updates

Jaksot(161)

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: Cross-Consumer Attacks & DTMF Tone Exfil

Episode 161: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gives us some quick hits regarding CSRF and Cross Consumer Attacks, and also touches on some breaking questions surroundin...

12 Helmi 24min

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: Cloudflare Zero-days & Mail Unsubscribing for XSS

Episode 160: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn. Chat through some news, Including a Cloudflare Zero-day, Turning List-Unsubscribe into an SSRF/XSS Gadget, & ...

5 Helmi 45min

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: Avoiding Downgrades on Google Cloud VRP with Cote and Darby Hopkins

Episode 159: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with the Google Cloud VRP Team to deep-dive policy and reward changes, what the panel process looks like, and how to ...

29 Tammi 1h 46min

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 ...

22 Tammi 58min

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitte...

15 Tammi 1h 34min

Episode 156: Chill AMA from bugbounty.forum

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas an...

8 Tammi 1h 23min

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow u...

1 Tammi 1h 32min

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the c...

25 Joulu 202541min