Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical

Hacked & Secured: Pentest Exploits & Mitigations

محتوای ارائه شده توسط Amin Malekpour. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط Amin Malekpour یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

3M ago 15:45

MP3•خانه قسمت

A broken logout flow let attackers hijack accounts using just a user ID.
A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution.

This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences.

Chapters:

00:00 - INTRO

01:22 - FINDING #1 - The Logout That Logged You In

07:12 - FINDING #2 - From Signature Field to Shell Access

14:40 - OUTRO

Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → podcast@quailu.com.au
🔗 Podcast Website → Website Link

فصل ها

1. INTRO (00:00:00)

2. FINDING #1 - The Logout That Logged You In (00:01:22)

3. FINDING #2 - From Signature Field to Shell Access (00:07:12)

4. OUTRO (00:14:40)

12 قسمت

#Tech #Careers #Business #Penetration Testing #Bug Bounty #Ethical Hacking #Web Security #Application Security #Offensive Security #Podcasting Education #Amin Malekpour #DevSecOps #Secure Coding #Security Hardening #Secure Software Development #Security Best Practices #Red Team