Optimizing FontLeak payloads for constrained CSPs

Episode 141: In this episode of Critical Thinking - Bug Bounty Podcast Justin sits down with Nick Copi to talk about CSPT, React, CSS Injections and how Nick hacked the pod.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0 on Twitter:

https://x.com/Rhynorater

https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: ThreatLocker. Check out ThreatLocker DAC

https://www.criticalthinkingpodcast.io/tl-dac

Today’s Guest: https://x.com/7urb01

====== Resources ======

regexploit

https://github.com/doyensec/regexploit

Fontleak

https://adragos.ro/fontleak/

debug(function)

https://developer.chrome.com/docs/devtools/console/utilities#debug-function

domloggerpp

https://github.com/kevin-mizu/domloggerpp

====== Timestamps ======

(00:00:00) Introduction

(00:02:40) Google Docs Bug and 7urb0 Introduction

(00:13:26) Bring-a-bug story

(00:20:21) 7urb0's DEFCON talk teaser & Intrusive Thoughts Worth Sharing

(00:30:01) CSPTs and React Apps

(00:51:31) CSS Injections

(01:04:55) 7urb0's backstory and game hacking

(01:18:33) Worst Crit