Episode 54: White Box Formulas - Vulnerable Coding Patterns
Critical Thinking - Bug Bounty Podcast - A podcast by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek) - Thursdays
Categories:
Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a podcast companion that will summarize the main technical points of each episode. They also discuss a recent GitLab CVE and an invisible prompt injection, before diving into a discussion (or debate) about vulnerable code patterns.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: [email protected] to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Gitlab CVEhttps://github.com/Vozec/CVE-2023-7028https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/Fix commit: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec437988cf16534a9dbba81b98a2e7f18Invisible Prompt Injectionhttps://x.com/goodside/status/1745511940351287394?s=20Regex 101https://regex101.comRegex to Stringshttps://www.wimpyprogrammer.com/regex-to-strings/Timestamps(00:00:00) Introduction(00:01:54) Joel’s H1 Data Scraping Research(00:19:23) HackerNotes launch(00:21:29) Gitlab CVE(00:27:45) Invisible Prompt Injection(00:33:52) Vulnerable Code Patterns(00:37:51) Sanitization, but then modification of data afterward(00:45:39) Auth check inside body of if statement(00:48:15) sCheck for bad patterns with if, but then don't do any control flow(00:50:21) Bad Regex(01:00:36) Replace statements for sanitization(01:04:32) Anything that allows you to call functions or control code flow in uncommon ways