Episode 158: 10hr Marathon Hack-Along Recap + $300k Client-side Bugs

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 bug can look like, and if Smart People Ever Say They’re Smart.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X:

Episode 158: In this episode of Critical Thinking - Bug Bounty Podcast we talk about our personal takeaways from the CTBB Charity Hackalong, and then break down some InsertScript POCs, what a $55,000 bug can look like, and if Smart People Ever Say They’re Smart.

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater, rez0 and gr3pme on X:

https://x.com/Rhynorater

https://x.com/rez0__

https://x.com/gr3pme

Critical Research Lab:

https://lab.ctbb.show/

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: Join Justin at Zero Trust World in March and get $200 off registration with Code ZTWCTBB26

https://ztw.com/

====== Resources ======

InsertScript - XSS Challenge Solution

https://insert-script.blogspot.com/2020/03/xss-challenge-solution-refresh-header.html

InsertScript - Redirect AuthHeader

https://www.insert-script.com/examples/redirectAuthHeader/send.html

CRLF injection on a 302 redirect

https://x.com/0xdef1ant/status/2009040359482118500

Multiple XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover

https://ysamm.com/uncategorized/2025/01/13/capig-xss.html

Arcanum Hack Tips

https://github.com/Arcanum-Sec/hack_tips

Trail of Bits Releases Claude Skills

https://x.com/dguido/status/2011541318229533063

what a $55,000 bug can look like

https://x.com/the_IDORminator/status/2007480636244697237

Pwning Claude Code in 8 Different Ways

https://flatt.tech/research/posts/pwning-claude-code-in-8-different-ways/

Do Smart People Ever Say They’re Smart?

https://labs.watchtowr.com/do-smart-people-ever-say-theyre-smart-smartertools-smartermail-pre-auth-rce-cve-2025-52691/

====== Timestamps ======

(00:00:00) Introduction

(00:04:18) Technical takeaways from CT Charity Hackalong

(00:22:21) InsertScript POCs & Rez0 and teknogeek's IOT Adventures

(00:32:16) CRLF injection on a 302 redirect & Multiple XSS in Meta

(00:41:00) Trail of Bits, what a $55,000 bug can look like, & Pwning Claude Code

(00:54:16) Do Smart People Ever Say They’re Smart?