Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast, the DEFCON videos are up, and Justin and Joseph talk through some of their favorites.

Follow us on Twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== Resources ======
Unicode surrogates conversion to (simplified) replacement characters
https://lab.ctbb.show/research/unicode-surrogates-to-replacement-characters

Prompt. Scan. Exploit - AI's Journey Through Zero-Days And A Thousand Bugs
https://www.youtube.com/watch?v=y_aQQmDMaY4

Breaking into thousands of cloud based VPNs with 1 bug
https://www.youtube.com/watch?v=RNXCnJvE1Zg&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk

Examining Access Control Vulnerabilities in GraphQL
https://www.youtube.com/watch?v=mPo-an8BUXc

Smart Bus Smart Hacking
https://www.youtube.com/watch?v=AOp0QtUORBc&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=6

Passkeys Pwned
https://www.youtube.com/watch?v=LCGm5-ZjKK0

Bypassing Intent Destination Checks, LaunchAnyWhere Privilege Escalation
https://www.youtube.com/watch?v=kSJBEZkJ4vM&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=3

Invoking Gemini Agents with a Google Calendar Invite
https://www.youtube.com/watch?v=CUxbDRR0A8I

AutoDetection & Exploitation of DOM Clobbering Vuln at Scale
https://www.youtube.com/watch?v=JL2PT1Dac3g

TheHulk
https://github.com/jackfromeast/TheHulk

Smart Devices, Dumb Resets
https://www.youtube.com/watch?v=rLnlLLKISyY&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=4

Mac PRT Cookie Theft
https://www.youtube.com/watch?v=T13YfM8z0lE&list=PL6rDwEAPMIRSsWupDGpV4bMf7CiLTF0wk&index=7

====== Timestamps ======
(00:00:00) Introduction
(00:10:10) Prompt. Scan. Exploit
(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug
(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned
(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents
(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets