logo
episode-header-image
Aug 2024
1h 30m

Episode 85: Practical Applications of DE...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 85: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel talk through some of the research coming out of DEFCON, mainly from the PortSwigger team. Web timing attacks, cache exploitation, and exploits related to email protocols are all featured. Plus we also talk some fun Apache hacks from Orange Tsai

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Find the Hackernotes: https://blog.criticalthinkingpodcast.io/

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

Check out our new SWAG store at https://ctbb.show/swag!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker

Resources

Listen to the whispers

https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work

Splitting the email atom

https://portswigger.net/research/splitting-the-email-atom

Gotta cache 'em all

https://portswigger.net/research/gotta-cache-em-all

HTTP Garden

https://github.com/narfindustries/http-garden

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

https://blog.orange.tw/2024/08/confusion-attacks-en.html#%E2%9C%94%EF%B8%8F-2-2-2-Local-Gadget-to-XSS

Trusted API Types

https://developer.mozilla.org/en-US/docs/Web/API/Trusted_Types_API

Untrusted Types

https://github.com/filedescriptor/untrusted-types

Timestamps:

(00:00:00) Introduction

(00:09:45) 'Listen to the whispers'

(00:30:03) 'Splitting the email atom'

(00:58:42) 'Gotta cache 'em all'

(01:21:03) 'Confusion Attacks'

Up next
Aug 21
Episode 136: Hacking Cluely, AI Prod Sec, and How To Not Get Sued with Jack Cable
Episode 136: In this episode of Critical Thinking - Bug Bounty Podcast, Joseph Thacker sits down with Jack Cable to get the scoop on a significant bug in Cluely’s desktop application, as well as the resulting drama. They also talk about Jack’s background in government cybersecuri ... Show More
50m 53s
Aug 14
Episode 135: Akamai's Ryan Barnett on WAFs, Unicode Confusables, and Triage Stories
Episode 135: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Ryan Barnett for a deep dive on WAFs. We also recap his Exploiting Unicode Normalization talk from DEFCON, and get his perspective on bug hunting from his time at Akamai. Follow us on twi ... Show More
1h 26m
Aug 4
Episode 134: XBOW - AI Hacking Agent and Human in the Loop with Diego Djurado
Episode 134: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Diego Djurado to give us the scoop on XBOW. We cover a little about its architecture and approach to hunting, the challenges with hallucinations, and the future of AI in the BB landscape. Diego ... Show More
1h 53m
Recommended Episodes
Sep 2024
SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?
Telegram puts End-to-End Privacy in the Crosshairs Free security logging is good for everyone CrowdStrike hemorrhaging customers Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors Yelp's Unhappy with Google Telegram as the hotbed for DDoSass – DDoS as a ... Show More
2h 9m
Apr 2025
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday? And what new Windows Update crashing hack did this also create? North Korea is now creating fake US companies to lure would-be employees. The "Inception" attack subverts all GPT conversational AIs. ... Show More
2h 44m
Sep 2024
Derailing the Raptor Train botnet.
The US government disrupts China’s Raptor Train botnet. A phishing campaign abuses GitHub repositories to distribute malware.Ransomware group Vanilla Tempest targets U.S. healthcare providers.Hackers demand $6 million for stolen airport data. The FCC opens applications for a $200 ... Show More
38m 9s
May 2
884: Model Context Protocol (MCP) and Why Everyone’s Talking About It
Model Context Protocol (MCP) is Anthropic’s hottest tool, with over 1,000 community-built MCP servers in operation by February alone. In this Five-Minute Friday, Jon Krohn explains what took so long for users to catch on: Anthropic released MCP in November 2024. Hear more about t ... Show More
6m 44s
Jun 2024
Unlocking the Secrets of AI in Tech with April Yoho
Join hosts Charles William Carpenter III and Adam Argyle for a riveting episode of 'Whiskey Web and Whatnot' featuring guest April Yoho. Based in the UK and a seasoned developer advocate, April shares her extensive 25+ years of experience in tech while indulging in a tasting sess ... Show More
39m 44s
Jan 2015
17: Somewhere on The Monorail
This week Jason and Myke discuss Apple's software quality issues and the difficulty in diagnosing problems from outside an organization, why Family Sharing is a problematic feature, and what's good and bad about CES. Plus, Jason listens to Hello Internet and Myke listens ... Show More
1h 41m
Feb 2025
SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist
Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More
2h 39m
Jan 2025
Disrupting Cracked Cobalt Strike [The Microsoft Threat Intelligence Podcast]
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025! On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the ... Show More
38m 40s
Jun 2023
The rise of ChatGPT: A look into the future of chatbots.
This week, our CyberWire UK Correspondent Carole Theriault is talking with Paul Ducklin from Sophos about where ChatGPT could be going in the future. Joe and Dave share quite a bit of follow up from listeners, discussing several people writing in about dating apps and the men who ... Show More
53m 25s
Aug 6
Cybersecurity Threats and Trends: From North Korean Spies to AI-Driven Attacks
In this episode, host Jim Love explores a variety of pressing cybersecurity threats and developments. The episode begins with an invitation for listeners to share their summer reading choices. The main content highlights include North Korean operatives infiltrating US companies t ... Show More
11m 55s
Listen to millions of songs and podcasts on Anghami