Episode 68: 0-days & HTMX-SS with Mathias
Critical Thinking - Bug Bounty Podcast25 Apr 2024

Episode 68: 0-days & HTMX-SS with Mathias

Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

Project Discovery Conference: https://nux.gg/hss24

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest:

https://twitter.com/avlidienbrunn

Resources:

Masato Kinugawa's research on Teams

https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33

subdomain-only 307 open redirect

https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se

Timestamps

(00:00:00) Introduction

(00:05:18) CSP Bypass using HTML

(00:14:00) Converting client-side response header injection to XSS

(00:23:10) Bypassing hx-disable

(00:32:37) XSS-ing impossible elements

(00:38:22) CTF challenge Recap and knowing there's a bug

(00:51:53) hx-on (depreciated)

(00:54:30) CDN-CGI Research discussion

Avsnitt(164)

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: Hacker Brain Hacks - Overcoming Bug Bounty's Mental Tolls

Episode 20: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into the world of "hacker brain hacks'' and overcoming challenges in bug bounty hunting. We discuss custom word lists, th...

25 Maj 20231h 6min

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Episode 19: In this episode of Critical Thinking - Bug Bounty Podcast we further discuss some tips and tricks for finding vulns once you’ve got source code and some banger tweets/tools that popped up ...

18 Maj 202353min

Episode 18: Audit Code, Earn Bounties

Episode 18: Audit Code, Earn Bounties

Episode 18: In this episode of Critical Thinking - Bug Bounty Podcast, we dive into everything source-code related: how to get source-code and what to do with it once you have. This episode is packed ...

11 Maj 20231h 6min

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: LA Live Chat with Five Legendary Hackers

Episode 17: In this episode of Critical Thinking - Bug Bounty Podcast we talk with five legendary hackers about some of their favorite bugs. Live. From LA.Corben Leo “Lorben CEO” @hacker_Sam “ZLZ” “ZO...

4 Maj 202347min

Episode 16: The Hacker's Toolkit

Episode 16: The Hacker's Toolkit

Episode 16: In this episode of Critical Thinking - Bug Bounty Podcast we talk about the hacker’s toolkit. Joel and Justin talk about their VPS setup, go-to hacking tools, most often used Linux command...

20 Apr 20231h 17min

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: The Israeli Million-Dollar Hacker

Episode 15: In this episode of Critical Thinking - Bug Bounty Podcast we talk with the latest Million-Dollar bug bounty hunter: @naglinagli . He talks about his climb from $1,000 in bounties to $1,000...

13 Apr 20231h 8min

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff

Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.Follow us...

6 Apr 20231h 21min

Episode 13: How to Find a Good BBP + Acropalypse + ZDI

Episode 13: How to Find a Good BBP + Acropalypse + ZDI

Episode 13: In this episode of Critical Thinking - Bug Bounty Podcast we talk about how to determine if a bug bounty program is good or not from the policy page. We also cover some news including Acro...

30 Mars 20231h 16min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
rss-elektrikerpodden
bilar-med-sladd
skogsforum-podcast
market-makers
natets-morka-sida
rss-veckans-ai
gubbar-som-tjotar-om-bilar
rss-technokratin
rss-laddstationen-med-elbilen-i-sverige
rss-it-sakerhetspodden
rss-uppgang-och-fall
har-vi-akt-till-mars-an
developers-mer-an-bara-kod
musikprodd-podden
ai-sweden-podcast
bosse-bildoktorn-och-hasse-p
rss-fabriken-2
rss-digitala-influencer-podden