Short but sweet episode this week, prototype pollution, crypto issues, SSRF and some weird authentication.
What happens when a vendor refused to fix your bug? Well you can go claim a bunch of bounties with it. We also talk about some novel request smuggling research on this episode.
We are joined by Bastian Gruber to start the episode with a discussion about Rust. Then we'll dive into a few interesting vulnerabilities this week including yet another ECDSA implementation issue and some header smuggling research.
A discussion heavy episode this week, starting off with the "new" Trojan Source attackers, and then talking about a handful of interesting vulnerabilities.
A couple unique vulns this week involving getting extra coins on Reddit, and bypassing certificate checking for a Discourse RCE.
Just four bugs this week, but that all are somewhat interesting, from an Instagram 2FA removal, deanonymizing Slack users, a MySQL bug, and how to get cheap reddit coins.
Just a handful of traditional vulns this week: IDOR, CSRF, SQLi, a logic vuln and zi's boomer side starts to show.
A simple to exploit path traversal in Apache...in 2021, a one-time-password defeat by having it be send to the attacker and victim, and more JWT issues.
A few interesting issues this week, ranging from a macOS Gatekeeper bypass, some oauth flow issues in Facebook, and even an RCE through the password field.
Some of Apple's XPC services are leaking information, Finder has an RCE, and some CodeQL use to find many RCEs in Apache Dubbo.