Episode 11: CV$$, Web Cache Deception, and SSTI

Critical Thinking - Bug Bounty Podcast

How to Find a Cool Bug on Outlook

This is an exercise in what it looked like to find a cool bug on Outlook. Read the documentation. They used a message kit library to craft the file they would need to exploit this and sent that message along. Then, when opened by Outlook, it would trigger the UNC path. If you have any way to make a desktop application open a specified file path on Windows, then you can leak the NTLMv2 hash.
