Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

NOV 20, 202562 MIN

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

NOV 20, 202562 MIN

Description

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.Follow us on <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/ctbbpodcast">X</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a target="_blank" rel="noopener noreferrer nofollow" href="mailto:[email protected]">[email protected]</a>Shoutout to<a target="_blank" rel="noopener noreferrer nofollow" href="https://twitter.com/realytcracker"> YTCracker</a> for the awesome intro music!====== Links ======Follow your hosts <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/Rhynorater">Rhynorater</a>, <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/rez0__">rez0</a> and <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/gr3pme">gr3pme</a> on X: ====== Ways to Support CTBBPodcast ======Hop on the CTBB <a target="_blank" rel="noopener noreferrer nofollow" href="https://ctbb.show/discord">Discord!</a>We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at <a target="_blank" rel="noopener noreferrer nofollow" href="https://ctbb.show/merch">https://ctbb.show/merch</a>!====== Resources ======<a target="_blank" rel="noopener noreferrer nofollow" href="https://lab.ctbb.show/research/unicode-surrogates-to-replacement-characters">Unicode surrogates conversion</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=y_aQQmDMaY4">Prompt. Scan. Exploit</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=RNXCnJvE1Zg&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk">Breaking into thousands of cloud based VPNs with 1 bug</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=mPo-an8BUXc">Examining Access Control Vulnerabilities in GraphQL</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=AOp0QtUORBc&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=6">Smart Bus Smart Hacking</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=LCGm5-ZjKK0">Passkeys Pwned</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=kSJBEZkJ4vM&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=3">Bypassing Intent Destination Checks</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=CUxbDRR0A8I">Gemini Agents in Google Calendar</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=JL2PT1Dac3g">Exploitation of DOM Clobbering Vuln at Scale</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://github.com/jackfromeast/TheHulk">TheHulk</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=rLnlLLKISyY&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=4">Smart Devices, Dumb Resets</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://www.youtube.com/watch?v=T13YfM8z0lE&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=7">Mac PRT Cookie Theft</a>====== Timestamps ======(00:00:00) Introduction(00:10:10) Prompt. Scan. Exploit(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets