AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
10min chapter
Episode 97: Bcrypt Hash Input Truncation & Mobile Device Threat Modeling
Critical Thinking - Bug Bounty Podcast
Concealing Payloads in URLs
This chapter explores the subtle techniques of hiding payloads within URL credentials, elucidating how they can be masked in the URL structure while remaining accessible. The discussion extends to the potential for exploiting these methods through DOM manipulation, focusing on differences in web browser behaviors and the implications for security. A key highlight is the introduction of the Lightyear tool, which enhances PHP filter chain exploitation by allowing larger file dumps without triggering typical warnings.
00:00
Transcript
Episode notes
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode