Episode 11: CV$$, Web Cache Deception, and SSTI

Critical Thinking - Bug Bounty Podcast

The Threat Model Isn't Built Around Protecting IDs

The threat model isn't built around protecting these IDs and these being sensitive pieces of information, so you shouldn't treat them like they are. The most convincing argument that I've heard, though, for engineering in that scenario is: what if I took that UUID and I put it in an authorization bearer, or put it as your session token, right? Then, you know, it would just be like you're swapping cookies, and that's not a bug. That sort of makes sense, but it's not doing it for me. It came out that that's what I've been meaning to say this whole time.
