Episode 175: In this episode of Critical Thinking - Bug Bounty Podcast we’re comparing Hackbot setups and results. We also talk about some of the recent ZDI drama, as well as the importance of freaking beautiful POCs.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme
Critical Research Lab:
https://lab.ctbb.show/
Need a Pentest? We just launched CTBB Pentests!
https://pentest.ctbb.show/
Hack full time? Check out the Full-Time Hunter’s Guild!
https://ctbb.show/fthg
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor: Check out Zero Trust Cloud Access from ThreatLocker
https://www.criticalthinkingpodcast.io/tl-ztca
====== Resources ======
Another day, another universal linux LPE
https://x.com/v12sec/status/2054491454064746629
ZDI Drama
https://x.com/ryotkak/status/2052881664909660521
Orange Tsai Bug on Edge
https://x.com/thezdi/status/2054868495888777266
Chompie's Exploit in NV Container Toolkit
https://x.com/chompie1337/status/2054882193055601140
GitHub Security April bug bounty stats
https://x.com/GitHubSecurity/status/2054274356403138932
====== Timestamps ======
(00:00:00) Introduction
(00:02:14) q param prompt injection & Mobile CSPT
(00:14:17) Admin API Key MegaCrit
(00:17:13) Hackbots
(00:37:10) Pretty POCs and ZDI Drama
(00:44:48) GitHub Security April Stats
