Critical Thinking - Bug Bounty Podcast Episode 79: The State of CSS Injection - Leaking Text Nodes & HTML Attributes
Jul 11, 2024
YTCracker, an artist acclaimed for his contributions to music in tech and gaming, joins the conversation on CSS injection techniques. They dissect the art of sequential import chaining and delve into font ligatures that can leak information. The discussion reveals sophisticated strategies for exploiting CSS vulnerabilities, highlighting methods for extracting HTML attributes. Tune in for insights on effective content security measures and the evolving landscape of web technologies, sprinkled with YTCracker's creative flair!
Chapters
Transcript
Episode notes
1 2 3 4 5 6 7 8
Intro
00:00 • 3min
Exploring Chrome Extension Vulnerabilities
02:35 • 15min
Navigating the Transition to Full-Time Bug Bounty Hunting
17:51 • 3min
Innovative Tools for Critical Thinkers: A New Browser Extension
20:45 • 2min
Advancements in CSS Injection Techniques
22:28 • 2min
Exploiting CSS Injection for Data Exfiltration
24:45 • 15min
Exploring Font Ligatures and CSS Intricacies
39:29 • 19min
Understanding CSS Injection Techniques
58:25 • 12min