Episode 2: Exploit Writing & Automation / Do you need to know how to program to hack?
Critical Thinking - Bug Bounty Podcast
00:00
How Do I Exploit a Post Request?
"I found out how to do it. Um, and how, how I did it was this," he says. "We pop open a new tab, it's pointing to my server." And then issue a three oh seven redirect to the target page where the vulnerability live. Now because that XSS on the new tab is, is triggered, um, we're logged out but there's still a reference using through the window.opener to access the previous site. That session token does not get invalidated when the logout function is called.
Transcript
Play full episode
