OAuth Flows and URL Parsing in Android Apps

Episode 44: In this episode of Critical Thinking - Bug Bounty Podcast, the topic is URL structure, and Justin and Joel break down the elements that make up a URL and some common tips and tricks surrounding them which allow for all sorts of bypasses. We also round out the episode with some new tools, ato stories, and some controversial current events in the hacker scene.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

"XnlReveal" XNL h4ck3r

OAuth article by Salt Labs

H1 controversy recap

ATO through Facebook Login

https://twitter.com/Jayesh25_/status/1718543152296939861

https://twitter.com/itscachemoney/status/1721658450613346557

When URL Parsers disagree

Golden techniques to bypass host validations in Android apps

Mozilla article on HTTP Authentication

Breaking Parser Logic talk by Orange Tsai

URL Detector

SSRF Bible

Timestamps:

(00:00:00) Introduction

(00:04:10) “Xnl-Reveal”

(00:07:22) OAuth vulnerabilities

(00:13:17) Recap of controversy surrounding the handling of a vulnerability report on H1

(00:18:55) Hacker Success Manager Program

(00:22:30) Facebook login ATO

(00:27:45) When URL parsers disagree

(00:34:34) URL Structures

(01:02:22) Shared secrets across environments

(01:09:40) Social Media Logins