Jan. 22, 2026

Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs


Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast, we talk about our personal takeaways from the CTBB Charity Hackalong, then break down some InsertScript POCs, what a $55,000 bug can look like, and whether Smart People Ever Say They’re Smart.


Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!



====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme


Critical Research Lab:

https://lab.ctbb.show/


====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!


We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.


You can also find some hacker swag at https://ctbb.show/merch!


Today's Sponsor: Join Justin at Zero Trust World in March and get $200 off registration with Code ZTWCTBB26

https://ztw.com/


====== Resources ======

InsertScript - XSS Challenge Solution

https://insert-script.blogspot.com/2020/03/xss-challenge-solution-refresh-header.html


InsertScript - Redirect AuthHeader

https://www.insert-script.com/examples/redirectAuthHeader/send.html


CRLF injection on a 302 redirect

https://x.com/0xdef1ant/status/2009040359482118500


Multiple XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover

https://ysamm.com/uncategorized/2025/01/13/capig-xss.html


Arcanum Hack Tips

https://github.com/Arcanum-Sec/hack_tips


Trail of Bits Releases Claude Skills

https://x.com/dguido/status/2011541318229533063


what a $55,000 bug can look like

https://x.com/the_IDORminator/status/2007480636244697237


Pwning Claude Code in 8 Different Ways

https://flatt.tech/research/posts/pwning-claude-code-in-8-different-ways/


Do Smart People Ever Say They’re Smart?

https://labs.watchtowr.com/do-smart-people-ever-say-theyre-smart-smartertools-smartermail-pre-auth-rce-cve-2025-52691/



====== Timestamps ======

(00:00:00) Introduction

(00:04:18) Technical takeaways from CT Charity Hackalong

(00:22:21) InsertScript POCs & Rez0 and teknogeek's IoT Adventures

(00:32:16) CRLF injection on a 302 redirect & Multiple XSS in Meta

(00:41:00) Trail of Bits, what a $55,000 bug can look like, & Pwning Claude Code

(00:54:16) Do Smart People Ever Say They’re Smart?