Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Episode description
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== This Week in Bug Bounty ======
YesWeHack won the European commission: https://www.yeswehack.com/news/european-commission-tender-won-yeswehack
YesWeHack now have authorised cve numbering authority: https://www.yeswehack.com/news/yeswehack-authorised-cve-numbering-authority
A wide range of highly used open source bug bounty program such as Log4J, Systemd, GNOME and a lot more:
https://event.yeswehack.com/events/open-the-code-source-the-bounty
====== Resources ======
Attributes reference inside HTML
Explaining XSS without parentheses and semi-colons
Beyond Sandbox Domains: Rendering Untrusted Web Content with SafeContentFrame
====== Timestamps ======
(00:00:00) Introduction
(00:03:16) LHE approaches and accomplishments
(00:30:54) Attributes reference inside HTML & Explaining XSS without parentheses and semi-colons
(00:44:33) One Token to rule them all
(00:57:13) Flareprox & Caido 101