logo
episode-header-image
Feb 2023
35m 57s

Episode 8: PostMessage Bugs, CSS Injecti...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 8: In this episode of Critical Thinking - Bug Bounty Podcast we drop some critical bugs which leak raw credit card info. We also discuss some CSS Injection & PostMessage related techniques. It's a short one but a good one! Don't miss it!

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

CSS Escape Blog Post:

https://mathiasbynens.be/notes/css-escapes

Rez0’s blog on ChatGPT:

https://rez0.blog/hacking/2023/02/21/hacking-with-chatgpt.html

All the ways to get a reference to a frame (shoutout to @wcbowling for the article):

https://bluepnume.medium.com/every-known-way-to-get-references-to-windows-in-javascript-223778bede2d

CSS Painting API:

https://developer.mozilla.org/en-US/docs/Web/API/CSS_Painting_API

Import Chaining:

https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b

Up next
Oct 9
Episode 143: New Cohost + Client-Side Gadgets, LHE Meta — Instant Global Admin in Entra!
Episode 143: In this episode of Critical Thinking - Bug Bounty Podcast Justin brings Brandyn back to announce him as our newest co-host. We chat about recent LHE experiences, and then break down some news. Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and sugges ... Show More
1h 4m
Oct 2
Episode 142: Gr3pme's Full-Time Hunting Journey Update, Insane AI research, And Some Light News
Episode 142: In this episode of Critical Thinking - Bug Bounty Podcast Rez0 and Gr3pme join forces to discuss Websocket research, Meta’s $111750 Bug, PROMISQROUTE, and the opportunities afforded by going full time in Bug Bounty.Follow us on twitter at: https://x.com/ctbbpodcastGo ... Show More
54m 50s
Sep 25
Episode 141: Hacking the Pod - Google Docs 0-day & React CreateElement Exploits with Nick Copi (7urb0)
Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any f ... Show More
1h 23m
Recommended Episodes
Feb 2024
Episode 119 - Dart Squad (Ft. 1Dime)
You are listening to this episode 1 week after it was released. To get episodes on time check out our Patreon!  Episode 120 is already available there: https://www.patreon.com/TheDeprogram Check out his work here:Controlled Opposition video: https://www.youtube.com/watch?v=7uPevW ... Show More
1h 16m
Feb 2024
E167: Nvidia smashes earnings (again), Google's Woke AI disaster, Groq's LPU breakthrough & more
(0:00) Bestie intros: Banana boat! (2:34) Nvidia smashes expectations again: understanding its terminal value and bull/bear cases in the context of the history of the internet (27:26) Groq's big week, training vs. inference, LPUs vs. GPUs, how to succeed in deep tech (49:37) Goog ... Show More
1h 20m
Feb 2024
The Truth About That Voice In Your Head And What They Don’t Tell You About Starting A Podcast
Welcome back to The Journey Podcast! This episode is all about our thought patterns, how setting expectations lead to disappointment, and how hard it is to actually grow a podcast today. Magic Mind https://www.magicmind.com/JANthejourney DISCOUNT CODE THEJOURNEY20 APPLE https://p ... Show More
1h 7m
Sep 2023
Journeying With Throat Chakra Blockages + Powerful Practices
Text me your thoughts/questionsHello Magical Human & welcome back 🪷🫧 In this episode, I get vulnerable with you and share what I have been learning about my body and more specifically, throat chakra and its impact on your life. I share my deeper encounters with the Chakra syste ... Show More
23m 53s
Feb 2024
BTS | EP.148 - Valentine's Day Horror Stories ft ShxtsnGigs
Welcome to the Behind the Scenes podcast!Today we are joined by our first guests of the year...ShxtsnGigs!!Make sure you follow our page and like, comment, and share this episode with your friends and family if you enjoyed it! 0:00 - Intro02:13 - Who is Your Zaddy?10:55 - Dilemma ... Show More
1h 8m
Nov 2023
65. FIS highlights 1 - SNAP trial, AMR musical, S. aureus update, IPC in LMIC
Join Jame, Callum and Pals for a discussion on some highlights from FIS 2023: https://microbiologysociety.org/event/full-events-listing/federation-of-infection-societies-fis-conference.html Mentioned in episode: UCHL HLH protocol and referral details: https://www.uclh.nhs.uk/our- ... Show More
27m 34s
Feb 2024
730: Own Your Own PaaS
Scott and Wes talk about the benefits of owning your own PaaS (platform as a service), the main alternatives in the space, and ways to make passion projects more financially viable. Show Notes 00:00 Welcome to Syntax! 01:12 Brought to you by Sentry.io. 01:56 What is a PaaS? NGINX ... Show More
57m 58s
Feb 2024
BTS l EP.150 - "Platonic Friendships are a Myth!"
Welcome to the Behind the Scenes podcast! Make sure you follow our page and like, comment, and share this episode with your friends and family if you enjoyed it!  0:00 Intro 0:45 Dilemma32:57 How Was Your Week & Song of the Week47:00 Twitter Thread51:56 Hot Gist: Who TF Did I Mar ... Show More
1h 17m
Jan 2023
When and how to stop breastfeeding
Host Jessica Rolph breastfed all three of her children, but weaning the last has been an emotional experience. It’s hard to say how many mothers breastfeed beyond that first year or two, but often those mothers feel judged for choosing to continue.   Lyndsey Hookway joins us to h ... Show More
30m 48s
Listen to millions of songs and podcasts on Anghami