Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

NOV 27, 202557 MIN

Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration

NOV 27, 202557 MIN

Description

Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankful for you all!Follow us on twitter at: <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/ctbbpodcast">https://x.com/ctbbpodcast</a>Got any ideas and suggestions? Feel free to send us any feedback here: <a target="_blank" rel="noopener noreferrer nofollow" href="mailto:[email protected]">[email protected]</a>Shoutout to<a target="_blank" rel="noopener noreferrer nofollow" href="https://twitter.com/realytcracker"> YTCracker</a> for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/Rhynorater">https://x.com/Rhynorater</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/rez0__">https://x.com/rez0__</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/gr3pme">https://x.com/gr3pme</a>====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord at <a target="_blank" rel="noopener noreferrer nofollow" href="https://ctbb.show/discord">https://ctbb.show/discord</a>!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at <a target="_blank" rel="noopener noreferrer nofollow" href="https://ctbb.show/merch">https://ctbb.show/merch</a>!Today's Sponsor: ThreatLocker. Check out ThreatLocker Elevation Control<a target="_blank" rel="noopener noreferrer nofollow" href="https://ctbb.show/tl-ec">https://ctbb.show/tl-ec</a>====== This Week in Bug Bounty ======<a target="_blank" rel="noopener noreferrer nofollow" href="https://hackerone.com/reports/3027461">Cache Overflow on Cloudflare</a>====== Resources ======<a target="_blank" rel="noopener noreferrer nofollow" href="https://slcyber.io/research-center/breaking-oracles-identity-manager-pre-auth-rce/">Breaking Oracle’s Identity Manager</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://hx01.me/hailcsv.htm">Who Needs a Blind XSS?</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://lab.ctbb.show/research/asp-net-mvc-view-engine-search-patterns">ASP.NET MVC View Engine Search Patterns</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://github.com/p-e-w/heretic">Heretic</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://docs.google.com/presentation/d/1UOcryh9c7zJ0UnnLwqRLFIyfU5LxSRRRt10c17dV8tI/edit?slide=id.g2d6dd8819b6_0_20#slide=id.g2d6dd8819b6_0_20">Lesser known techniques for large-scale subdomain enum</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://bughunters.google.com/learn/invalid-reports/google-products/4655949258227712/antigravity-known-issues#known-issues">Antigravity – Known Issues</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://bugbountydaily.com/">Bug Bounty Daily</a><a target="_blank" rel="noopener noreferrer nofollow" href="https://github.com/caido-community/surf">Caido version of AssetNote Surf</a>====== Timestamps ======(00:00:00) Introduction(00:09:47) Breaking Oracle’s Identity Manager & Who Needs a Blind XSS?(00:20:37) <a target="_blank" rel="noopener noreferrer nofollow" href="http://ASP.NET">ASP.NET</a> MVC View Engine Search Patterns & Heretic(00:29:04) Lesser known techniques for large-scale subdomain enum(00:35:29) Gemini 3 & Antigravity.(00:45:57) Bug Bounty Daily (00:52:42) Surf for Caido