Critical Thinking - Bug Bounty Podcast

Episode 54: White Box Formulas - Vulnerable Coding Patterns

Jan 18, 2024

Justin and Joel discuss vulnerable code patterns, a recent GitLab CVE, and invisible prompt injection. They announce a new podcast companion, HackerNotes, and address the importance of data analysis in bug bounty programs. The discussion covers coding vulnerabilities in Ruby, prompt injection vulnerabilities, identifying vulnerable code patterns in PHP, and ensuring proper control flow for security.

01:12:38

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

HTML sanitization followed by URL decoding can nullify sanitization efforts, exposing vulnerabilities.

Data flow control and chain of custody awareness are vital in code review to prevent reintroducing vulnerabilities.

Identifying flawed code patterns, like ineffective sanitization, can improve code analysis efficiency for pinpointing vulnerabilities.

Deep dives

Sanitization followed by Modification

Sanitizing HTML and then immediately URL decoding the data can render the sanitization ineffective, as the decoding process can undo the effects of the sanitization function. This pattern reflects a lack of understanding or a flawed implementation of data manipulation that can potentially reintroduce vulnerabilities that the sanitization was meant to address.

Introduction

2min

Exploring Bug Bounty Program Data Analysis

19min

Coding Vulnerabilities and Ruby Code Flaws

9min

Discussion on Tag Characters, Invisible Characters, and Unicode Manipulation for Prompt Injection Vulnerabilities

3min

Identifying Vulnerable Code Patterns in PHP

15min

Ensuring Proper Control Flow in Coding for Security

2min

Exploring Vulnerable Coding Patterns and Regex Practices

14min

PHP Vulnerabilities and Type Confusion

8min

Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode. They also discuss a recent GitLab CVE and an invisible prompt injection, before diving into a discussion (or debate) about vulnerable code patterns.

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Gitlab CVE

https://github.com/Vozec/CVE-2023-7028

https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/

Fix commit: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec437988cf16534a9dbba81b98a2e7f18

Invisible Prompt Injection

https://x.com/goodside/status/1745511940351287394?s=20

Regex 101

https://regex101.com

Regex to Strings

https://www.wimpyprogrammer.com/regex-to-strings/

Timestamps

(00:00:00) Introduction