Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, And Wild Vulnerability Chains Critical Thinking

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

45 subscribers

published 2d ago

Content provided by Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0). All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Justin Gardner (Rhynorater) & Joseph Thacker (Rez0), Justin Gardner (Rhynorater), and Joseph Thacker (Rez0) or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.

Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

====== Resources ======

Unicode surrogates conversion

Prompt. Scan. Exploit

Breaking into thousands of cloud based VPNs with 1 bug

Examining Access Control Vulnerabilities in GraphQL

Smart Bus Smart Hacking

Passkeys Pwned

Bypassing Intent Destination Checks

Gemini Agents in Google Calendar

Exploitation of DOM Clobbering Vuln at Scale

TheHulk

Smart Devices, Dumb Resets

Mac PRT Cookie Theft

====== Timestamps ======

(00:00:00) Introduction

(00:10:10) Prompt. Scan. Exploit

(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug

(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned

(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents

(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets

149 episodes

#Tech #Justin Gardner (Rhynorater

All episodes

Top Podcasts

1
The Bill Simmons Podcast

The Ringer

112k

Unsubscribe

6h ago6h ago

Unsubscribe

Weekly+

HBO and The Ringer's Bill Simmons hosts the most downloaded sports podcast of all time, with a rotating crew of celebrities, athletes, and media staples, as well as mainstays like Cousin Sal, Joe House, and a slew of other friends and family members who always happen to be suspiciously available.

1
PTI

ESPN, Tony Kornheiser, Michael Wilbon

104k

200

Unsubscribe

1d ago1d ago

Unsubscribe

Daily

Tony Kornheiser and Michael Wilbon face off in the nation's capital on the day's hottest topics.

1
The Herd with Colin Cowherd

iHeartPodcasts and The Volume

11k

Unsubscribe

7h ago7h ago

Unsubscribe

Daily+

The Herd with Colin Cowherd is a thought-provoking, opinionated, and topic-driven journey through the top sports stories of the day.

1
Planet Money

NPR

191k

355

Unsubscribe

1h ago1h ago

Unsubscribe

Weekly+

Wanna see a trick? Give us any topic and we can tie it back to the economy. At Planet Money, we explore the forces that shape our lives and bring you along for the ride. Don't just understand the economy – understand the world. Wanna go deeper? Subscribe to Planet Money+ and get sponsor-free episodes of Planet Money, The Indicator, and Planet Money Summer School. Plus access to bonus content. It's a new way to support the show you love. Learn more at plus.npr.org/planetmoney

1
Comedy of the Week

BBC Radio 4

165k

Unsubscribe

5d ago5d ago

Unsubscribe

Weekly

Brighten your week with the latest BBC Radio 4 comedy.

1
The Bugle

The Bugle

124k

676

Unsubscribe

3d ago3d ago

Unsubscribe

Weekly

It's the trans-global satiricast that leaves no hot potato unbuttered. Andy Zaltzman breaks down the news with comedians from across the world including Alice Fraser, Hari Kondabolu, Chris Addison, John Oliver, Nish Kumar, Tiff Stevenson and Helen Zaltzman. Go to TheBuglePodcast.com to become a premium subscriber and get exclusive shows. Follow us on YouTube. Hosted on Acast. See acast.com/privacy for more information.

1
How Did This Get Made?

Earwolf and Paul Scheer, June Diane Raphael, Jason Mantzoukas

199k

311

Unsubscribe

9h ago9h ago

Unsubscribe

Weekly+

The award-winning comedy podcast that celebrates bad movies. Comedians and actors Paul Scheer (The League), June Diane Raphael (Grace and Frankie), and Jason Mantzoukas (Big Mouth) break down the very best of the worst films ever made—we’re talkin’ blockbuster flops, cheesy 80s action movies, Lifetime thrillers, obscure cult classics, and if we’re honest… most Nic Cage and Jason Statham movies. Plus, sometimes they’re even joined by hilarious guests like Seth Rogen, Conan O’Brien, Amy Schume ...

1
Slate Culture

Slate Podcasts

159k

Unsubscribe

1d ago1d ago

Unsubscribe

Daily

Get the Culture Gabfest and all of Slate's culture coverage here.

1
TED Talks Daily

TED

1349k

Unsubscribe

14h ago14h ago

Unsubscribe

Daily

Want TED Talks on the go? Everyday, this feed brings you our latest talks in audio format. Hear thought-provoking ideas on every subject imaginable – from Artificial Intelligence to Zoology, and everything in between – given by the world's leading thinkers and doers. This collection of talks, given at TED and TEDx conferences around the globe, is also available in video format. Hosted on Acast. See acast.com/privacy for more information.

1
NBC Nightly News with Tom Llamas

NBC News

1207k

738

Unsubscribe

21h ago21h ago

Unsubscribe

Daily

Listen to "NBC Nightly News," providing reports and analysis of the day's most newsworthy national and international events. This audio podcast, updated each evening, brings you the day's show in its entirety. For more from "Nightly News", visit NBCNightlyNews.com.

1
CBS News Roundup

CBS News

1137k

Unsubscribe

1h ago1h ago

Unsubscribe

Daily

The CBS News team wraps up the major headlines you need to know every day on the CBS News Roundup podcast. On weekday mornings, Steve Kathan delivers the “World News Roundup” and every evening you can catch up on all the day's news with Jennifer Keiper on the “World News Roundup: Late Edition”. Then, every weekend the CBS News team in Washington goes deep into the major stories on “Weekend Roundup'' hosted by Allison Keyes. Each episode features a “Kaleidoscope” segment that takes on social ...

1
Daily Boost - Motivation and Coaching

Scott Smith - Motivation and Coaching

381k

Unsubscribe

9h ago9h ago

Unsubscribe

Daily

Start your day with practical philosophy that actually works. In under 10 minutes, Scott Smith cuts through the noise with straight talk about navigating life's messy middle—where personal and professional challenges collide. No hype. No fluff. Just 20 years of hard-won wisdom, Stoic principles, and real stories from someone who's been there. Monday through Friday, learn to think clearly, act wisely, and build a life that's actually yours.

1
Radiolab

WNYC Studios

294k

150

Unsubscribe

4h ago4h ago

Unsubscribe

Weekly

Radiolab is on a curiosity bender. We ask deep questions and use investigative journalism to get the answers. A given episode might whirl you through science, legal history, and into the home of someone halfway across the world. The show is known for innovative sound design, smashing information into music. It is hosted by Lulu Miller and Latif Nasser.

1
Science Friday

Science Friday and WNYC Studios

188k

Unsubscribe

20h ago20h ago

Unsubscribe

Daily

Covering the outer reaches of space to the tiniest microbes in our bodies, Science Friday is the source for entertaining and educational stories about science, technology, and other cool stuff.

1
This American Life

This American Life

362k

Unsubscribe

3d ago3d ago

Unsubscribe

Monthly

Each week we choose a theme. Then anything can happen. This American Life is true stories that unfold like little movies for radio. Personal stories with funny moments, big feelings, and surprising plot twists. Newsy stories that try to capture what it’s like to be alive right now. It’s the most popular weekly podcast in the world, and winner of the first ever Pulitzer Prize for a radio show or podcast. Hosted by Ira Glass and produced in collaboration with WBEZ Chicago.

1
Snap Judgment

Snap Judgment and PRX

319k

500

Unsubscribe

1d ago1d ago

Unsubscribe

Weekly

Snap Judgment mixes real stories with killer beats to produce cinematic, dramatic radio. Snap’s raw, musical brand of storytelling dares listeners to see the world through the eyes of another. It's storytelling... with a BEAT.

1
Criminal

Vox Media Podcast Network

258k

356

Unsubscribe

5h ago5h ago

Unsubscribe

Weekly

Criminal is the first of its kind. A show about people who’ve done wrong, been wronged, or gotten caught somewhere in the middle. Hosted by Phoebe Judge. Named a Best Podcast of 2023 by the New York Times. Part of the Vox Media Podcast Network.

1
Sword and Scale

Sword and Scale

60k

265

Unsubscribe

5d ago5d ago

Unsubscribe

Monthly+

Sword and Scale is a weekly true crime podcast covering the dark underworld of crime and the criminal justice system’s response to it. The first episode launched January 1st, 2014 and feature stories of murder, abduction, rape, and even more bizarre forms of crime. It’s the purest form of true-crime where the raw uncensored audio tells the story. Everything from 911 calls to court testimony, interviews with victims and sometimes with perpetrators give listeners a 360 degree look at the seedy ...

1
In The Dark

The New Yorker

52k

Unsubscribe

2d ago2d ago

Unsubscribe

Monthly

In the Dark, hosted by Madeleine Baran, is an award-winning investigative-journalism podcast that started in 2016. Its first season looked at the mysterious abduction of Jacob Wetterling in rural Minnesota and the lack of accountability that sheriffs face when they fail to solve cases. Season 2 examined the case of Curtis Flowers, who was tried six times for the same crime. In 2020, In the Dark released a special report on the coronavirus pandemic in the Mississippi Delta. In 2023, In the Da ...

Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains

Similar to Critical Thinking - Bug Bounty Podcast

Download the best offline podcast player

Top Podcasts