Sign up to save your podcasts
Or
Share Episode 79: The State of CSS Injection - Leaking Text Nodes & HTML Attributes
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 79: The State of CSS Injection - Leaking Text Nodes & HTML Attributes
Episode 79: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive CSS injection, and explore topics like sequential import chaining, font ligatures, and attribute exfiltration.
Follow us on twitter at: @ctbbpodcast
Send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
SpaceRaccoon's Universal Code Execution Extensions
Escalating Client Side Path Traversal
Full-time Bug Bounty Blueprint
Sequential Import Chaining
CSS Exfiltation
Link that Justin was talking about
Font Ligatures
Lava Dome bypass
Stealing Data in Great Style
Steal Script Contents
Masato Kinugawa's tweet
Attacking with Just CSS
CSS Injection Primitives
Timestamps:
(00:00:00) Introduction
(00:02:32) Universal Code Execution
(00:11:32) Escalating Client Side Path Traversal
(00:16:56) Justin's Defcon talk & Bug Bounty Blueprint
(00:23:32) CSS Injection
(00:39:23) Font Ligatures
(00:54:30) Descent Override and display:block
View all episodes
By Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)
5
5353 ratings
Episode 79: In this episode of Critical Thinking - Bug Bounty Podcast we deepdive CSS injection, and explore topics like sequential import chaining, font ligatures, and attribute exfiltration.
Follow us on twitter at: @ctbbpodcast
Send us any feedback here: [email protected]
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
SpaceRaccoon's Universal Code Execution Extensions
Escalating Client Side Path Traversal
Full-time Bug Bounty Blueprint
Sequential Import Chaining
CSS Exfiltation
Link that Justin was talking about
Font Ligatures
Lava Dome bypass
Stealing Data in Great Style
Steal Script Contents
Masato Kinugawa's tweet
Attacking with Just CSS
CSS Injection Primitives
Timestamps:
(00:00:00) Introduction
(00:02:32) Universal Code Execution
(00:11:32) Escalating Client Side Path Traversal
(00:16:56) Justin's Defcon talk & Bug Bounty Blueprint
(00:23:32) CSS Injection
(00:39:23) Font Ligatures
(00:54:30) Descent Override and display:block
More shows like Critical Thinking - Bug Bounty Podcast
View all
Radiolab
43,816 Listeners
StarTalk Radio
14,356 Listeners
Hacked
186 Listeners
Security Now (Audio)
2,013 Listeners
The Vergecast
3,721 Listeners
Risky Business
372 Listeners
CyberWire Daily
1,026 Listeners
Click Here
418 Listeners
Darknet Diaries
8,078 Listeners
The Indicator from Planet Money
9,563 Listeners
The Jordan Harbinger Show
11,991 Listeners
Cybersecurity Today
176 Listeners
My First Million
2,655 Listeners
Cybersecurity Headlines
138 Listeners
The Ezra Klein Show
16,530 Listeners