Our Take on PortSwigger's Top 10 Web Hacking Techniques of 2023 (Ep. 60)

Episode 60: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel review the PortSwigger Research list of the top 10 web hacking techniques of 2023.

Follow us on Twitter at: https://twitter.com/ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater & Teknogeek on Twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Resources:

Top 10 web hacking techniques of 2023
https://portswigger.net/research/top-10-web-hacking-techniques-of-2023

1: Smashing the state machine
https://portswigger.net/research/smashing-the-state-machine

8: From Akamai to F5 to NTLM
https://blog.malicious.group/from-akamai-to-f5-to-ntlm/

3: SMTP Smuggling
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/

4: PHP filter chains
https://www.synacktiv.com/publications/php-filter-chains-file-read-from-error-based-oracle

(Bonus Read)
https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html

5: HTTP Parsers Inconsistencies
https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies

6: HTTP Request Splitting
https://offzone.moscow/upload/iblock/11a/sagouc86idiapdb8f29w41yaupqv6fwv.pdf

7: How I Hacked Microsoft Teams
https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own

9: Cookie Crumbles
https://www.usenix.org/conference/usenixsecurity23/presentation/squarcina

(Bonus Read)
https://blog.ankursundara.com/cookie-bugs/

10: Hacking root EPP servers to take control of zones
https://hackcompute.com/hacking-epp-servers/

Timestamps:
(00:00:00) Introduction
(00:04:26) 1: Smashing the state machine
(00:11:56) 8: From Akamai to F5 to NTLM... with love
(00:17:11) 3: SMTP Smuggling
(00:26:27) 4: PHP filter chains
(00:36:40) 5: HTTP Parsers Inconsistencies
(00:44:56) 6: HTTP Request Splitting
(00:53:43) 7: How I Hacked Microsoft Teams
(01:02:25) 9: Cookie Crumbles
(01:11:36) 10: EPP Server Takeover
(01:15:21) Summary