
Episode 61: A Hacker on Wall Street - JR0ch17
Critical Thinking - Bug Bounty Podcast
Exploring Security Vulnerabilities in Application Documentation
The chapter covers specific bugs such as Arbitrary ATO via GraphQL and SSTI to RCE via Ansible expression, highlighting the importance of thoroughly reading and understanding application documentation. It discusses incidents where hackers exploited vulnerabilities that exposed JWT tokens and leaked headers to take over user accounts from different tenants. The chapter also explores the speaker's journey in discovering and exploiting security vulnerabilities related to server-side template injection (SSTI) and configuration file injection using tools like Ansible.