Sign up to save your podcasts
Or
Share Episode 119: Abusing Iframes from a client-side hacker
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 119: Abusing Iframes from a client-side hacker
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
View all episodes
By Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
5
5353 ratings
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
More shows like Critical Thinking - Bug Bounty Podcast
View all
Risky Business
364 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
Hacked
181 Listeners
CyberWire Daily
1,014 Listeners
Smashing Security
316 Listeners
Click Here
406 Listeners
Darknet Diaries
7,958 Listeners
Cybersecurity Today
164 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
316 Listeners
Defense in Depth
77 Listeners
Bug Bounty Reports Discussed
4 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
168 Listeners