Episode 130: In this episode of Critical Thinking - Bug Bounty Podcast Justin is joined by Valentino, who shares his journey from hacking Minecraft to becoming a Google hunter. He talks us through several bugs, including an HTML Sanitizer bypass and .NET deserialization, and highlights the hyper creative approaches he tends to employ.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor: ThreatLocker - Patch Management
https://www.criticalthinkingpodcast.io/TL-patch-management
Today’s Guest: Valentino - https://blog.3133700.xyz/
====== Resources ======
JMX Manager
Stored XSS in reclamos
Command Injection in Vertex AI
whitepaper-net-deser.pdf
free-after-use.go
A Journey Into Finding Vulnerabilities in the PMB Library Management System
emulated-register_globals.php
====== Timestamps ======
(00:00:00) Introduction
(00:02:38) JMXProxy Bug Story
(00:09:46) Intro to Valentino
(00:29:08) HTML Sanitizer bypass on MercadoLibre
(00:37:16) Command injection in Vertex AI
(00:44:10) .NET deserialization, & Argument injection to LFR, & Free after use
(00:51:33) Luck, creativity, and evolution as Hacker
(00:59:31) Issues in file extension validation components, Emulated register_globals, & AI Hacking
