Episode 17: LA Live Chat with Five Legendary Hackers
Critical Thinking - Bug Bounty Podcast
00:00
How to Use Unicode Characters in SSO Implementations
Hackers used a tiny Unicode character to bypass Google's security system. The code was created using the ordinal indicator a, which looks like a unicorn but is super small. They then tried four hundred subdomains in an attempt to get around SSO systems. It took them three hours and 28 k dollars to hack all of it.
Transcript
Play full episode
