
Youssef Sammouda - Client-Side & ATO War Stories (Ep. 58) (4 months ago)



Episode 58: In this episode of Critical Thinking - Bug Bounty Podcast we finally sit down with Youssef Sammouda and grill him on his various techniques for finding and exploiting client-side bugs and postMessage vulnerabilities. He shares some crazy stories about race conditions, exploiting hash change events, and leveraging scroll to text fragments.

Follow us on twitter at: / ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: [email protected]

Shoutout to / realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter: / 0xteknogeek / rhynorater

====== Ways to Support CTBBPodcast ======
Sign up for https://caido.io/ using the referral code CTBBPODCAST for a 10% discount.
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest:
https://twitter.com/samm0uda?lang=en
https://ysamm.com/

Resources:
Client-side race conditions with postMessage: https://ysamm.com/?p=742
Transferable Objects: https://developer.mozilla.org/en-US/d...
Every known way to get references to windows, in JavaScript: / every-known-way-to-get-references-to-windo...

Timestamps:
(00:00:00) Introduction
(00:04:27) Client-side race conditions with postMessage
(00:18:12) On Hash Change Events and Scroll To Text Fragments
(00:32:00) Finding, documenting, and reporting complex bugs
(00:37:32) PostMessage Methodology
(00:45:05) Youssef's Vuln Story
(00:53:42) Where and how to look for ATO vulns
(01:05:21) MessagePort
(01:14:37) Window frame relationships
(01:20:24) Recon and JS monitoring
(01:37:03) Client-side routing
(01:48:05) MITMProxy
