Episode 61: A Hacker on Wall Street - JR0ch17
Critical Thinking - Bug Bounty Podcast7 Mars 2024

Episode 61: A Hacker on Wall Street - JR0ch17

Episode 61: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Jasmin Landry to share some stories about startup security, bug bounty, and the challenges of balancing both. He also shares his methodology for discovering OAuth-related bugs, highlights some differences between structured learning and self-teaching, and then walks us through a couple arbitrary ATO’s and SSTI to RCE bugs he’s found lately.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest: Jasmin Landry

https://twitter.com/JR0ch17

Resources:

Dirty Dancing blog post

https://labs.detectify.com/writeups/account-hijacking-using-dirty-dancing-in-sign-in-oauth-flows/

OAuth 2.0 Threat Model and Security Considerations

https://datatracker.ietf.org/doc/html/rfc6819

OAuth 2.0 Security Best Current Practice

https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics

Timestamps:

(00:00:00) Introduction

(00:02:20) Meta Tag + DomPurify Bug

(00:09:36) Jasmin's Origin story

(00:28:23) Full time Bug bounty challenges

(00:36:57) Career jumps in Security and current Role

(00:47:32) OAuth Bug methodology and cool bug stories

(01:02:35) Social Engineering and Bug Bounty

(01:13:41) Arbitrary ATO bug

(01:19:41) SSTI to RCE bug

Avsnitt(168)

Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types

Episode 72: Research TLDRs & Smuggling Payloads in Well Known Data Types

Episode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and...

23 Maj 202452min

Episode 71: More VDP Chats & AI Bias Bounty Strats with Keith Hoodlet

Episode 71: More VDP Chats & AI Bias Bounty Strats with Keith Hoodlet

Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's s...

16 Maj 20241h 45min

Episode 70: NahamCon and CSP Bypasses Everywhere

Episode 70: NahamCon and CSP Bypasses Everywhere

Episode 70: In this episode of Critical Thinking - Bug Bounty Podcast we’re once again joined by Ben Sadeghipour to talk about some Nahamcon news, as well as discuss a couple other LHE’s taking place....

9 Maj 202443min

Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

Episode 69: Johan Carlsson - 3 Month Check-in on Full-time Bug Bounty.

Episode 69: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Johan Carlsson to hear about some updates on his bug hunting journey. We deep-dive a CSP bypass he found in GitHub...

2 Maj 20241h 49min

Episode 68: 0-days & HTMX-SS with Mathias

Episode 68: 0-days & HTMX-SS with Mathias

Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header in...

25 Apr 20241h 3min

Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2

Episode 67: VDPs & Accidental Program VS Hacker Debate Part 2

Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the ...

18 Apr 20241h 19min

Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton

Episode 66: CDN-CGI Research, Intent To Ship, and Louis Vuitton

Episode 66: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss the recent YesWeHack Louis Vuitton LHE, the importance of failure as growth in bug bounty, and Justin shar...

11 Apr 202458min

Episode 65: Motivation and Methodology with Sam Curry (Zlz)

Episode 65: Motivation and Methodology with Sam Curry (Zlz)

Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and ...

4 Apr 20242h 29min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
market-makers
rss-elektrikerpodden
bilar-med-sladd
har-vi-akt-till-mars-an
rss-technokratin
natets-morka-sida
skogsforum-podcast
rss-veckans-ai
rss-laddstationen-med-elbilen-i-sverige
gubbar-som-tjotar-om-bilar
hej-bruksbil
rss-en-ai-till-kaffet
teknikveckan
rss-sakerhetspodcasten
rss-powerboat-sverige-podcast
bli-saker-podden
rss-militarsnack
rss-upplyst-entreprenordirektor