Episode 27: Top 7 Esoteric Web Vulnerabilities
Critical Thinking - Bug Bounty Podcast
00:00
How to Avoid Cookie Jar Overflow
If you cookie bomb the endpoint where that OAuth code is getting returned to, when it goes to that page, it's going to fail. You can still reach into that page and pull the code out of there which would allow you to get, escalate your XSS to ATO. It's just such a, such a great technique. Yeah. And like 10,000,000, the cookie jar overflow, which is kind of similar in like sending too many cookies or like, yeah, sort of overflowing how the browser is behaving. But you actually have a whole tool for this, which I did not know about called check cookie jar overflow. That was like a lot of call that
Transcript
Play full episode
