Critical Thinking - Bug Bounty Podcast

Episode 92 - SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser

Oct 10, 2024

A deep dive into cybersecurity reveals startling insights about vulnerabilities like SAML exploitation and DNS poisoning linked to China's Great Firewall. Discover a groundbreaking 0-click exploit within MediaTek chipsets that could endanger Android and IoT devices. The conversation highlights innovative AI-enhanced tools for web fuzzing and discusses community efforts to navigate CSP bypass techniques. Plus, tips for budding researchers on overcoming common challenges in vulnerability assessments add an inspiring touch!

47:38

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The Great Firewall of China's DNS poisoning vulnerabilities emphasize the critical need for careful data scrutiny to enhance security measures.

Recent advancements in AI-driven security tools, like the Kaido plugin, are transforming vulnerability exploration through increased automation and customization for researchers.

Deep dives

The ThreatLocker Experience

A hypothetical scenario illustrates the effectiveness of ThreatLocker systems, particularly for hackers attempting to penetrate internal networks. During a penetration test, an unauthorized user tries to access a passwords.txt file, only to have their shell drop immediately upon access, indicating a security measure in place. This showcases how ThreatLocker can lock down a machine completely, preventing further unauthorized actions. The amusing tone suggests that if hackers experience such protection, they might consider seeking assistance from ThreatLocker’s support for their 'traumas.'

Intro

2min

DNS Poisoning and SAML Vulnerabilities Unveiled

16min

Navigating Challenges in Cybersecurity Research

2min

Exploring MediaTek Vulnerabilities

5min

Enhancements in Web Fuzzing Tools

7min

Navigating CSP Bypass Techniques and AI Vulnerabilities

14min

Techniques and Tools for Web Application Firewall Bypasses

2min

Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-Fi, and Vulnerabilities caused by The Great Firewall

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Find the Hackernotes: https://blog.criticalthinkingpodcast.io/

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Sponsor - ThreatLocker. Checkout their ThreatLocker Detect! https://www.criticalthinkingpodcast.io/tl-detect

Resources:

Insecurity through Censorship

Ruby-SAML / GitLab Authentication Bypass

0-Click exploit discovered in MediaTek Wi-Fi chipsets

New Caido Plugin to Generate Wordlists

Bebik’s 403 Bypassor

CSPBypass

Arb Read & Arb write on LLaMa.cpp by SideQuest

XSS WAF Bypass One payload for all

Timestamps

(00:00:00) Introduction