Sign up to save your podcasts
Or
Share Episode 119: Abusing Iframes from a client-side hacker
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 119: Abusing Iframes from a client-side hacker
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
View all episodes
By Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
5
4545 ratings
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
More shows like Critical Thinking - Bug Bounty Podcast
View all
Risky Business
363 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
632 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
Hacked
175 Listeners
CyberWire Daily
1,010 Listeners
Smashing Security
313 Listeners
Click Here
387 Listeners
Malicious Life
927 Listeners
Darknet Diaries
7,843 Listeners
Cybersecurity Today
142 Listeners
CISO Series Podcast
182 Listeners
Hacking Humans
309 Listeners
Cyber Security Headlines
120 Listeners
Bug Bounty Reports Discussed
4 Listeners
Risky Bulletin
33 Listeners