با برنامه Player FM !
Episode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-Side
Manage episode 447786733 series 3435922
Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Sponsor - AssetNote. Listen to their podcast https://www.criticalthinkingpodcast.io/sspod
Today’s Guest: https://x.com/MtnBer
Resources
Universal Code Execution by Chaining Messages in Browser Extensions
https://spaceraccoon.dev/universal-code-execution-browser-extensions/
DOMLogger++
https://github.com/kevin-mizu/domloggerpp
BBRE Metamask bug
https://youtu.be/HnI0w156rtw?si=QixP8SX6JuRFz6PA
Bench Press: Leaking Text Nodes with CSS
https://blog.pspaul.de/posts/bench-press-leaking-text-nodes-with-css/
Timestamps:
(00:00:00) Introduction
(00:03:08) Structure & Threat Model for Browser Extension
(00:28:28) Extension Attack scenarios
(01:01:26) Attacking Extension Pages
(01:26:35) Attacking Service Workers
(01:46:23) Getting source code and dynamic debugging
100 قسمت
Manage episode 447786733 series 3435922
Episode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today’s Sponsor - AssetNote. Listen to their podcast https://www.criticalthinkingpodcast.io/sspod
Today’s Guest: https://x.com/MtnBer
Resources
Universal Code Execution by Chaining Messages in Browser Extensions
https://spaceraccoon.dev/universal-code-execution-browser-extensions/
DOMLogger++
https://github.com/kevin-mizu/domloggerpp
BBRE Metamask bug
https://youtu.be/HnI0w156rtw?si=QixP8SX6JuRFz6PA
Bench Press: Leaking Text Nodes with CSS
https://blog.pspaul.de/posts/bench-press-leaking-text-nodes-with-css/
Timestamps:
(00:00:00) Introduction
(00:03:08) Structure & Threat Model for Browser Extension
(00:28:28) Extension Attack scenarios
(01:01:26) Attacking Extension Pages
(01:26:35) Attacking Service Workers
(01:46:23) Getting source code and dynamic debugging
100 قسمت
همه قسمت ها
×به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.