Episode 28: Surfin' with CSRFs
Critical Thinking - Bug Bounty Podcast
00:00
Exploitation Techniques for Mobile C Surf
A lot of that stuff we talked about during the mobile app, um, episode, but I think generally it's the same kind of stuff that you'd already be looking for. So JavaScript bridges, expose URL schemas. If there is any kind of internal web view, the non-exposed URL schemas are also a good target for that. And you may be able to escalate that further to do who knows what,. We'll talk more about bugs when we talk about our specific bugs.
Transcript
Play full episode
