Episode 8: PostMessage Bugs, CSS Injection, and Bug Drops
Critical Thinking - Bug Bounty Podcast - En podcast af Justin Gardner (Rhynorater) & Joel Margolis (teknogeek) - Torsdage
Kategorier:
Episode 8: In this episode of Critical Thinking - Bug Bounty Podcast we drop some critical bugs which leak raw credit card info. We also discuss some CSS Injection & PostMessage related techniques. It's a short one but a good one! Don't miss it!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynoraterCSS Escape Blog Post:https://mathiasbynens.be/notes/css-escapesRez0’s blog on ChatGPT:https://rez0.blog/hacking/2023/02/21/hacking-with-chatgpt.htmlAll the ways to get a reference to a frame (shoutout to @wcbowling for the article):https://bluepnume.medium.com/every-known-way-to-get-references-to-windows-in-javascript-223778bede2dCSS Painting API:https://developer.mozilla.org/en-US/docs/Web/API/CSS_Painting_APIImport Chaining:https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b