Slonser's Image Injection 0-day - ATO & New Caido Collab Plugin (Ep. 121)

Episode 121: In this episode of Critical Thinking - Bug Bounty Podcast we catch up on a bunch of news and research.

Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== This Week in Bug Bounty ======
Hacker spotlight: Rhynorater
https://www.bugcrowd.com/blog/hacker-spotlight-rhynorater/

Ultra Mobile Managed Bug Bounty Program - Mobile Apps
https://bugcrowd.com/engagements/ultramobile-mbb-og2

Ultra Mobile Managed Bug Bounty Program - (Public)
https://bugcrowd.com/engagements/ultramobile

John Deere Program highlights
https://hackerone.com/john-deere?type=team

Hacker Heroes: John Deere's Bug Bounty Program Boosts Cybersecurity
https://www.deere.com/en/stories/featured/hacker-heroes/

Dojo #41 - Ruby treasure
https://dojo-yeswehack.com/challenge/play/5509cc2e-bd6c-4606-8cbb-f3ca1d25c732

====== Resources ======
slonser 0-day in chrome
https://x.com/slonser_/status/1919439373986107814

CT Additional useful primitives
https://x.com/ctbbpodcast/status/1919501924862214577

Tweets from other Hackers
https://x.com/0xw2w/status/1919719769500221884
https://x.com/YShahinzadeh/status/1919500750230544404
https://x.com/AmirMSafari/status/1919480460998021198

How I made $64k from deleted files
https://medium.com/@sharon.brizinov/how-i-made-64k-from-deleted-files-a-bug-bounty-story-c5bd3a6f5f9b

CTBB episode with Sharon Brizinov
ctbb.show/98

Rez0's Subdomain Link Launcher
https://josephthacker.com/subdomain_link_launcher

Qwen3 Local Model
https://x.com/simonw/status/1918451927207325774
s
May Cause Pwnage - Backdoors in Disguise
https://blog.jaisal.dev/articles/mcp

import WAF bypass
https://x.com/KN0X55/status/1916180381742551238

Caido Drop
https://github.com/caido-community/drop

Andre's tweet about encoded word
https://x.com/0xacb/status/1915334267522912742

Nahamcon
https://www.nahamcon.com/

Gemini prompt leak
https://x.com/elder_plinius/status/1913734789544214841

SVG Onload Handlers
https://x.com/garethheyes/status/1915488202405593136

====== Timestamps ======
(00:00:00) Introduction
(00:06:13) slonser 0-day in Chrome
(00:19:11) 'How I made $64k from deleted files' Rez0's Subdomain Link Launcher, & Qwen3 Local Model
(00:31:59) May Cause Pwnage & import WAF bypass
(00:40:10) Caido Plugin 'Drop' & encoded words
(00:48:00) Nahamcon, Gemini prompt leak, & SVG Onload Handlers