Episode 73: Sandboxed IFrames and WAF Bypasses
Critical Thinking - Bug Bounty Podcast
Exploring Techniques with Sandbox IFrames and Frame Communication
The chapter delves into various innovative techniques involving sandboxed IFrames, including bypassing restrictions to access and exfiltrate data and leveraging sandbox attributes and window.open for communication and data access across web pages. Additionally, the discussion covers the concept of iFrame hijacking, highlighting how attackers can manipulate frame names and origins to deceive users into authorizing actions in deceptive iframes, leading to potential security vulnerabilities in web applications.
00:00
Transcript
Play full episode
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
