Feb 2023
35m 57s

Episode 8: PostMessage Bugs, CSS Injecti...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 8: In this episode of Critical Thinking - Bug Bounty Podcast we drop some critical bugs which leak raw credit card info. We also discuss some CSS Injection & PostMessage related techniques. It's a short one but a good one! Don't miss it!

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

CSS Escape Blog Post:

https://mathiasbynens.be/notes/css-escapes

Rez0’s blog on ChatGPT:

https://rez0.blog/hacking/2023/02/21/hacking-with-chatgpt.html

All the ways to get a reference to a frame (shoutout to @wcbowling for the article):

https://bluepnume.medium.com/every-known-way-to-get-references-to-windows-in-javascript-223778bede2d

CSS Painting API:

https://developer.mozilla.org/en-US/docs/Web/API/CSS_Painting_API

Import Chaining:

https://d0nut.medium.com/better-exfiltration-via-html-injection-31c72a2dae8b
