Episode 27: Top 7 Esoteric Web Vulnerabilities

Episode 27: In this episode of Critical Thinking - Bug Bounty Podcast, we've switched places and now Joel is home while Justin is on the move. We break down seven esoteric web vulnerabilities, and talk Cookies, Config File Injections, Client-side path traversals and more. We also briefly discuss appliance hacking, new tools, and shout out some new talent in the hacking space. Don't miss this episode full of cool vulns, and experience Justin's vocal decline in real time.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogee....khttps://twitter.com Doesn't Mean Authenticated:https://blog.assetnote.io/2023..../07/04/citrix-sharef about headless chrome browserhttps://twitter.com/bhavukjain1/status/1678719047209484288?t=NWnZvwHTRMyH_lVC-uXe0g&s=19Shout out to new talent within the hacking spacehttps://twitter.com/haxrobhttp....s://twitter.com/atc1 about hacking Google Search Appliancehttps://twitter.com/orange_836....1/status/16773784019 releases shortscan https://twitter.com/bitquark/s....tatus/16776474509898 Starbuckshttps://samcurry.net/hacking-s....tarbucks/Justin' CookieJar Toolhttps://apps.rhynorater.dev/ch....eckCookieJarOverflow Introduction(00:04:00) Assetnote on ShareFile RCE(00:13:05) Headless Browsers(00:17:00) Hacker Content Creators(00:22:51) Appliance Hacking (00:30:31) Shortscan Release(Start of main content)(00:35:39) Config File Injection(00:44:00) Client-side Path Traversal(00:51:33) Cookie Bombing(00:58:00) Cookie Jar Overflow(01:03:50) XSLeak(01:10:49) UNC Path Injection(01:15:50) Impactful Link Hijack