Critical Thinking - Bug Bounty Podcast

Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello

Jan 30, 2025

Aaron Costello, a SaaS security expert known for his insights on misconfigurations, dives into the complexities of hacking Salesforce, ServiceNow, and Power Pages. He humorously contrasts hacker stereotypes with dedicated bug bounty hunters. Discussion includes the dangers of file upload vulnerabilities and the significance of proper access controls. Notably, he explores Sockle injection vulnerabilities and the intricacies of Salesforce Apex classes, while emphasizing collaboration in identifying security flaws across various SaaS platforms. Tune in for practical techniques and insider insights!

01:31:08

Creator website

Episode guests

Aaron Costello

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Misconfigurations in SaaS platforms, such as Salesforce and ServiceNow, pose significant risks leading to data exposure and breaches.

Bug bounty programs foster collaboration between companies and ethical hackers, yielding insights into vulnerabilities and enhancing overall security.

Organizations often overlook proper access control management, allowing excessive privileges that can lead to exploitation by community users.

Deep dives

The Importance of SaaS Security

SaaS security is critical in today's digital landscape as organizations increasingly rely on cloud-based services. Misconfigured access controls in SaaS platforms can lead to data breaches, exposing sensitive information. The podcast emphasizes that many companies rushing to implement SaaS solutions often overlook security protocols, creating vulnerabilities. It highlights the role of dedicated security companies, like App Omni, in addressing these issues by providing tools to identify and remediate misconfigurations.

Intro

2min

Exploring Security and SaaS Misconfigurations

2min

Exploiting File Upload Vulnerabilities in SaaS

27min

Security Research Insights on SaaS Vulnerabilities

27min

Understanding Sockle Injection Vulnerabilities

8min

Understanding Salesforce Apex Classes and Payload Structures

4min

Hacking SaaS: Salesforce, ServiceNow, and Power Pages

18min

Exploring SaaS Vulnerabilities and Collaboration in Bug Bounty Hunting

2min

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-depth examples from Salesforce, ServiceNow, and Power Pages.

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to https://x.com/realytcracker for the awesome intro music!

====== Links ======

Follow your hosts on Twitter:

https://x.com/Rhynorater

https://x.com/rez0__

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today’s Sponsor: AppOmni. Get AppOmni's Definitive Guide to SaaS Security https://www.criticalthinkingpodcast.io/AppOmni

Today’s Guest:

https://x.com/ConspiracyProof

====== Resources ======

Aaron's Blog

https://www.enumerated.ie/

Data Exposure and ServiceNow: The Elephant in the ITSM Room

https://www.enumerated.ie/index/servicenow-data-exposure

Salesforce Lightning - An in-depth look at exploitation vectors for the everyday community

https://www.enumerated.ie/index/salesforce

Lightning Components: A Treatise on Apex