Episode 92 - SAML XPath Confusion, Chinese DNS Poisoning, and AI Powered 403 Bypasser
Description
Episode 92: In this episode of Critical Thinking - Bug Bounty Podcast In this episode Justin and Joel tackle a host of new research and write-ups, including Ruby SAML, 0-Click exploits in MediaTek Wi-Fi, and Vulnerabilities caused by The Great Firewall
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Find the Hackernotes: https://blog.criticalthinkingpodcast.io/
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Sponsor - ThreatLocker. Checkout their ThreatLocker Detect! https://www.criticalthinkingpodcast.io/tl-detect
Resources:
Ruby-SAML / GitLab Authentication Bypass
0-Click exploit discovered in MediaTek Wi-Fi chipsets
New Caido Plugin to Generate Wordlists
Arb Read & Arb write on LLaMa.cpp by SideQuest
XSS WAF Bypass One payload for all
Timestamps
(00:00:00 ) Introduction
(00:02:08 ) Vulnerabilities Caused by The Great Firewall
(00:07:25 ) Ruby SAML Bypass
(00:19:55 ) 0-Click exploit discovered in MediaTek Wi-Fi chipsets
(00:24:36 ) New Caido Wordlist Plugin
(00:35:37 ) Arb Read & Arb write on LLaMa.cpp by SideQuest
(00:43:10 ) Helpful WAF Bypass
United States
