Sign up to save your podcasts
Or
Share Episode 119: Abusing Iframes from a client-side hacker
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 119: Abusing Iframes from a client-side hacker
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
View all episodes
By Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
5
5353 ratings
Episode 119: In this episode of Critical Thinking - Bug Bounty Podcast Justin does a mini deep dive into the world of iframes, starting with why they’re significant, their attributes, and how to attack them.
CORRECTION: Some of my comments on the latest episode of the pod were woefully inaccurate about the `csp` attribute of an iframe. Def should have read the spec more thoroughly. Please see the #corrections channel in Discord for the deets.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
====== Resources ======
Episode with JR0ch17
ctbb.show/61
Exacerbating Cross-Site Scripting: The Iframe Sandwich
https://coopergyoung.com/exacerbating-cross-site-scripting-the-iframe-sandwich/
====== Timestamps ======
(00:00:00) Introduction
(00:01:20) Why are Iframes useful
(00:05:11) Attributes of Iframes
(00:21:39) Iframe Attacks
(00:29:53) Iframe Fun Facts
More shows like Critical Thinking - Bug Bounty Podcast
View all
Radiolab
43,923 Listeners
StarTalk Radio
14,371 Listeners
Hacked
188 Listeners
Security Now (Audio)
2,008 Listeners
The Vergecast
3,718 Listeners
Risky Business
372 Listeners
CyberWire Daily
1,025 Listeners
Click Here
419 Listeners
Darknet Diaries
8,088 Listeners
The Indicator from Planet Money
9,564 Listeners
The Jordan Harbinger Show
11,983 Listeners
Cybersecurity Today
178 Listeners
My First Million
2,664 Listeners
Cybersecurity Headlines
138 Listeners
The Ezra Klein Show
16,495 Listeners