Episode 9: Headless Browser SSRF & RebindMultiA Tool Release + Web3 Bug
Critical Thinking - Bug Bounty Podcast
00:00
How to Hack a Web View on an Iot Device
I was just looking at the way that it handles hcp requests and such looks like there's a really ripe um Attack surface there. I do a similar thing with iot devices where you can force a A web view to pop up with captive portals. Joel told me about that technique Uh a while back and I used it on an iot device and it worked quite well so definitely don't forget that one. There's a remote or dash dash remote debugging port that you can put into enable remote debug on On on the chromium instance which opens up some interesting endpoints.
Transcript
Play full episode
