

Episode 32: The Great Write-up Low-down
Aug 17, 2023
Topics discussed in this podcast include web race conditions, exploiting sub states in state machines, mismatched confirmation codes, a tool for enumerating Windows short names, hacking rewards programs, Mac-based authentication challenges, the sandwich attack for password reset endpoints, tight security measures, and finishing a real estate venture to focus on the podcast and bug bounty hunting.
Chapters
Introduction
00:00 • 3min
State Machine Flow and Exploiting Sub States
02:44 • 11min
Mismatched Confirmation Code
13:48 • 17min
Tool for enumerating Windows short names and Sam Curry's recent write-up on points.com
30:33 • 5min
JavaScript files and Mac-based authentication
35:26 • 20min
The Zero Click Attack with Sandwich Exploiting UUIDs
55:15 • 4min
Tight Security Measures, Write-up, and Real Estate
59:18 • 2min