Episode 28: Surfin' with CSRFs
Critical Thinking - Bug Bounty Podcast - A podcast by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek) - Thursdays
Categories:
Episode 28: In this episode of Critical Thinking - Bug Bounty Podcast, the CSRF’s up, dude! We kick off with a debate about whether or not deep link vulns in mobile apps can be considered CSRF. We also talk browser extensions and tools like Hackbar, PwnFox, and JS Weasel, and Justin tries to invent a whole new vuln term. There’s plenty of good stuff here, so what are you waiting for? Jump on in!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynoraterrez0's latest tiphttps://twitter.com/rez0__/status/168134822190014466019Hackbarhttps://addons.mozilla.org/en-US/firefox/addon/hackbartool/PwnFoxhttps://twitter.com/adrien_jeanneau/status/1681364665354289152JS Weaselhttps://www.jswzl.io/Charlie Eriksenhttps://twitter.com/CharlieEriksenLink to talk by Rojanhttps://twitter.com/uraniumhacker/status/1681381857383030785Bypassing GitHub's OAuth flowhttps://blog.teddykatz.com/2019/11/05/github-oauth-bypass.htmlGreat SameSite Confusionhttps://jub0bs.com/posts/2021-01-29-great-samesite-confusion/Check out Nahamsec's Channelhttps://www.youtube.com/c/nahamsecTimestamps:(0:01:45) The deep link debate(00:08:00) LHE and in-person interviews(00:09:25) SQLMAP and raw requests(00:11:11) Hackbar, PwnFox, and browser extensions(00:16:45) JS Weasel tool and its features(00:25:28) Rojan's Research and Public Talks(Start of main content)(00:28:36) Cross-Site Request Forgery (CSRF)(00:35:00) Bypassing GitHub's OAuth flow(00:45:00) A Small SameSite Story(00:48:50) CSRF Exploitation Techniques(01:07:15) CSRF Bug Stories(01:15:30) NahamSec and DEFCON