Critical Thinking - Bug Bounty Podcast cover image

Episode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!

Critical Thinking - Bug Bounty Podcast

00:00

How to Use Dot Zip to Trick People Into Visiting a Domain

An operator put together a proof of concept that shows, okay, like imagine I send you this command, this W get command. It just downloads like a zip from the GitHub releases and then it unzips it. You unzip it and it's got their pwned content in it. But yeah, they own dot zip as well. Like this dot TLD or this TLD. And they released it to the public. So you can register domains on the dot zip.

Play episode from 04:46
Transcript

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
 Get the app