Critical Thinking - Bug Bounty Podcast cover image

Episode 97: Bcrypt Hash Input Truncation & Mobile Device Threat Modeling

Critical Thinking - Bug Bounty Podcast

00:00

Concealing Payloads in URLs

This chapter explores the subtle techniques of hiding payloads within URL credentials, elucidating how they can be masked in the URL structure while remaining accessible. The discussion extends to the potential for exploiting these methods through DOM manipulation, focusing on differences in web browser behaviors and the implications for security. A key highlight is the introduction of the Lightyear tool, which enhances PHP filter chain exploitation by allowing larger file dumps without triggering typical warnings.

Transcript
Play full episode

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app