Posts tagged 'Bounty Podcast'

• 103 - GitLab Prototype Pollution and Some Authentication Bypasses

  30 November 2021

  Short but sweet episode this week, prototype pollution, crypto issues, SSRF and some weird authentication.

• 101 - Big Bounties by Exploiting WebKit's CSP & Concrete CMS Bugs

  23 November 2021

  What happens when a vendor refused to fix your bug? Well you can go claim a bunch of bounties with it. We also talk about some novel request smuggling research on this episode.

• 99 - Rust in the Web? A Special Guest and some Bad Crypto

  16 November 2021

  We are joined by Bastian Gruber to start the episode with a discussion about Rust. Then we'll dive into a few interesting vulnerabilities this week including yet another ECDSA implementation issue and some header smuggling research.

• 97 - A MacOS SIP Bypass & an XSS Fiesta

  09 November 2021

  A discussion heavy episode this week, starting off with the "new" Trojan Source attackers, and then talking about a handful of interesting vulnerabilities.

• 95 - Discourse SNS RCE, a Stored XSS in GitLab, and a Reddit Race Condition

  02 November 2021

  A couple unique vulns this week involving getting extra coins on Reddit, and bypassing certificate checking for a Discourse RCE.

• 93 - A Slack Attack and a MySQL Scientific Notation Bug

  26 October 2021

  Just four bugs this week, but that all are somewhat interesting, from an Instagram 2FA removal, deanonymizing Slack users, a MySQL bug, and how to get cheap reddit coins.

• 91 - WebSocket Hijacking, GitHub review bypass and SQLi to RCE

  19 October 2021

  Just a handful of traditional vulns this week: IDOR, CSRF, SQLi, a logic vuln and zi's boomer side starts to show.

• 89 - SharePoint RCE & an Apache Path Traversal

  12 October 2021

  A simple to exploit path traversal in Apache...in 2021, a one-time-password defeat by having it be send to the attacker and victim, and more JWT issues.

• 87 - Gatekeeper Bypass, Opera RCE, and Prototype Pollution

  05 October 2021

  A few interesting issues this week, ranging from a macOS Gatekeeper bypass, some oauth flow issues in Facebook, and even an RCE through the password field.

• 85 - iOS 0days, Apache Dubbo RCEs, and NPM bugs

  28 September 2021

  Some of Apple's XPC services are leaking information, Finder has an RCE, and some CodeQL use to find many RCEs in Apache Dubbo.

• 83 - A Flickr CSRF, GitLab, & OMIGOD, Azure again?

  21 September 2021

  Some high impact vulnerabilities this week, CSRF in account deletion, remote code execution as root, and an apache "0day" that discloses PHP source.

• 81 - Reused VMWare exploits & Escaping Azure Container Instances

  14 September 2021

  Some drama with the VMWare bounty program, and then a few straight forward vulnerabilities and a really cool Azure Container Instances escape and takeover.

• 79 - Takeover a Facebook, SnapChat or JetBrains account

  06 September 2021

  Multiple account takeover vulnerabilities in this episode with three cross-origin communication vulnerabilities in Facebook, an odd OTP endpoint in SnapChat and an open redirect in JetBrains leaking your JWT.