Episode 76: In this episode of Critical Thinking - Bug Bounty Podcast we’re talking about Match and Replace and the often overlooked use cases for it, like bypassing paywalls, modifying host headers, and storing payloads. We also talk about the HackerOne Ambassador World Cup and the issues with dupe submissions, and go through some write-ups.
Follow us on twitter at: / ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to / realytcracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
/ 0xteknogeek
/ rhynorater
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
Zoom Session Takeover
nokline.github.io/bugbounty/2...
SharePoint XXE
x.com/thezdi/status/179620701...
Shazzer
shazzer.co.uk/
Timestamps:
(00:00:00) Introduction
(00:05:06) H1 Ambassador World Cup
(00:13:57) Zoom ATO bug
(00:33:28) SharePoint XXE
(00:39:36) Shazzer
(00:46:36) Match and Replace
(01:13:01) Match and Replace in Mobile
(01:21:13) Header Replacements