Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side
Critical Thinking - Bug Bounty Podcast31 Okt 2024

Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side

Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - AssetNote. Listen to their podcast https://www.criticalthinkingpodcast.io/sspod

Today’s Guest: https://x.com/MtnBer

Resources

Universal Code Execution by Chaining Messages in Browser Extensions

https://spaceraccoon.dev/universal-code-execution-browser-extensions/

DOMLogger++

https://github.com/kevin-mizu/domloggerpp

BBRE Metamask bug

https://youtu.be/HnI0w156rtw?si=QixP8SX6JuRFz6PA

Bench Press: Leaking Text Nodes with CSS

https://blog.pspaul.de/posts/bench-press-leaking-text-nodes-with-css/

Timestamps:

(00:00:00) Introduction

(00:03:08) Structure & Threat Model for Browser Extension

(00:28:28) Extension Attack scenarios

(01:01:26) Attacking Extension Pages

(01:26:35) Attacking Service Workers

(01:46:23) Getting source code and dynamic debugging

Avsnitt(166)

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 ...

22 Jan 58min

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: Crushing Pwn2Own & H1 with Kernel Driver Exploits

Episode 157: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Hypr to talk about hacking Mediatek and his experiences with HackerOne and Pwn2Own Ecosystems.Follow us on twitte...

15 Jan 1h 34min

Episode 156: Chill AMA from bugbounty.forum

Episode 156: Chill AMA from bugbounty.forum

Episode 156: In this episode of Critical Thinking - Bug Bounty Podcast we answer some fantastic questions from over at bugbounty.forumFollow us on twitter at: https://x.com/ctbbpodcastGot any ideas an...

8 Jan 1h 23min

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: 2025 Hacker Stats & 2026 Goals

Episode 155: In this episode of Critical Thinking - Bug Bounty Podcast Justin, Joseph, and Brandyn reflect on last year of Bug Bounty, and list their goals and predictions for what 2026 holds.Follow u...

1 Jan 1h 32min

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: Starting a Pentesting Company on Top of Bug Bounty

Episode 154: In this episode of Critical Thinking - Bug Bounty Podcast Joseph and Brandyn talk through the transition from Bug Bounty hunting to Pentesting. We cover diversifying income streams, the c...

25 Dec 202541min

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: Hacking the Robots of the Future: Hardware, AI, and Bug Bounties with Matt Brown

Episode 153: In this episode of Critical Thinking - Bug Bounty Podcast Matt Brown returns to talk with us about hacking robots, IOT hackbots, and his Zero-to-Hero Hardware Hacking Guide.Follow us on t...

18 Dec 20251h 16min

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: GeminiJack and Agentic Security with Sasi Levi

Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Verte...

11 Dec 20251h 21min

Episode 151: Client-side Advanced Topics

Episode 151: Client-side Advanced Topics

Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL P...

4 Dec 20251h 7min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
market-makers
rss-elektrikerpodden
rss-laddstationen-med-elbilen-i-sverige
skogsforum-podcast
bilar-med-sladd
rss-technokratin
har-vi-akt-till-mars-an
natets-morka-sida
rss-veckans-ai
gubbar-som-tjotar-om-bilar
developers-mer-an-bara-kod
rss-uppgang-och-fall
ai-sweden-podcast
bli-saker-podden
rss-it-sakerhetspodden
rss-en-ai-till-kaffet
rss-snacka-om-ai
rss-ai-med-katarina-gospic-och-viggo-cavling