Bug Bounty Mental - Practical Tips for Staying Sharp & Motivated (Ep.77)
- Published: Jul 11, 2024
- Episode 77: In this episode of Critical Thinking - Bug Bounty Podcast Joel and Justin discuss some fresh writeups including some MongoDB injections, ORMs, and exploits in Kakao and iOS before pivoting into a conversation about staying motivated and avoiding burnout while hunting.
Follow us on twitter at: / ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to / realytcracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
/ 0xteknogeek
/ rhynorater
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
MongoDB NoSQL Injection
soroush.me/blog/2024/06/mongo...
Mongo DB Is Web Scale
• Episode 1 - Mongo DB I...
1-click Exploit in Kakao
stulle123.github.io/posts/kak...
Unsecure time-based secret and Sandwich Attack
www.aeth.cc/public/Article-Re...
Reset Tolkien
github.com/AethliosIK/reset-t...
iOS URL Scheme Hijacking Revamped
evanconnelly.github.io/post/i...
PLORMBING YOUR DJANGO ORM
www.elttam.com/blog/plormbing...
Timestamps:
(00:00:00) Introduction
(00:02:07) MongoDB NoSQL Injection
(00:12:42) 1-click Exploit in Kakao
(00:33:21) Time-based secrets and Reset Tolkien
(00:39:26) iOS URL Scheme Hijacking Revamped
(00:51:42) ORMs
(00:58:57) Community Bug Submission
(01:07:45) Motivation, Mental Sharpness, and Burnout avoidance
Hey guys! Thanks for always delivering every week! It's been part of my weekly routine for months and I have already watched all of the episodes. Keep grinding, we all appreciate you!
Our pleasure!
I agree about the dupe thing. I spent days working on an RCE and finally got it. But it ended up being a dupe.
But in the time I spent looking for the information to exploit the RCE I found other bugs that got accepted. So it wasn’t a total loss.
I love you guys' podcast. This is so incredibly valuable. Thank you.
So glad you enjoy it - we make it for you! ❤️
To think the app I use every day had a vulnerability like this..
My bug bounty dads 🥰😂
❤️
You guys should also do live recon.
This is news to me, hearing English (Justin talking about calories and diets) from these guys, never knew they could speak
🤯
Vote for James Kettle Episode
First
Second
Third
Fourth
Fifth
Six