Youssef Sammouda - Client-Side & ATO War Stories (Ep. 58)

00:02 Youssef's passion lies in client-side stuff with a focus on bounty hunting and OAuth.
02:34 Focus on achieving maximum impact through account takeover on client-side
07:09 Client-side post message changes origin with trust established
09:15 Client-side attack involves redirecting tabs and optimizing timing for exploit
13:44 Post message communication and race conditions
16:22 Client-side attack techniques like pop under and brute forcing using post message
20:09 Detecting and exploiting cross-site leaks
22:27 Encouraging deep exploration of programs for bug bounty success
26:49 Discussion on potential risks and vulnerabilities related to client-side page routing and redirection
28:59 Using JavaScript to control and change page elements
33:15 Understand security threats and strategies
35:16 Client-side code usage and note-keeping
39:25 Exploiting s for ATO and high pay targets is worth the extra effort.
41:21 Account takeover detection triggers
45:47 Facebook uses the JavaScript SDK for client-side chat plugin with security vulnerabilities.
48:18 Leaking random math do values from page to predict or reverse engineer IDs.
52:47 The vulnerability of using Math.random and the availability of a secure random class in JavaScript
54:36 Focus on identifying XSS sources and sinks.
58:39 Client-Side Attacks in Account Takeover (ATO)
1:00:41 Exploring the manipulation of same site cookie policies for creating separate browser sessions.
1:04:10 Understanding domain bridging for vulnerabilities
1:06:26 Message ports and their security measures in cross-origin communication
1:10:57 Using an object for the 'Target origin' can bypass string checks.
1:12:55 Client-side transferable objects and memory ownership
1:16:38 Discussion on referencing open windows in a same-origin scenario.
1:18:30 Understanding the window name and the opener property in JavaScript
1:22:42 Managing JavaScript packages and modules
1:24:48 Hashing used for code structure and function references
1:29:18 Programmatic parsing of code for function definitions and object retrieval.
1:30:59 Custom scripts need to be tailored for each target.
1:34:25 Discussion on lazy loading JavaScript
1:36:11 Creating a function to dynamically generate and extract data
1:39:49 Research on mobile app security and vulnerabilities
1:42:27 Unauthorized access risk in Instagram application
1:46:52 Attacker page's slow response leads to failure in checking page change
1:48:33 Using mitm proxy for browser navigation and web scraping
1:52:29 Using a simpler approach for requesting and responding to client-side interactions
1:54:06 Impressed with technical knowledge and bug stories

My brain exploded like 5 times, listening to this talk 😂 Love the depth of client side bugs explained. Really appreciate pushing quality content like this to the community!

Awesome talk enjoying

I love the passion

yay 🤩

Dzaaaaamn...the facebook hacker guy🔥🔥🔥

Ou my goooooooooooooood

Yousuf is really a great hacker masha Allah

wow wow wow

mic name please ??

sammouda you are my idol 🪬 🇹🇳

you do a great job with the channel. thank you! that being said, for the love of god, would you let the man speak?

ROY KENT is now a hacker ??