Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4

Video Link: https://www.youtube.com/watch?v=JFIGpRh76XY



Duration: 6:35


The current AngularJS version is still vulnerable to this bypass. We only had to modify the most recently fixed bypass to break the incomplete fix in 1.5.7.





Other Videos By LiveOverflow


2016-11-18 Making-of LiveOverflow videos
2016-11-15 The Heap: dlmalloc unlink() exploit - bin 0x18
2016-11-11 int0x80 from DualCore lent me his lockpicking set and I'm a horse - BruCON CTF part 2
2016-11-08 Simple reversing challenge and gaming the system - BruCON CTF part 1
2016-11-04 The Heap: Once upon a free() - bin 0x17
2016-11-01 The Browser is a very Confused Deputy - web 0x05
2016-10-28 The Heap: How do use-after-free exploits work? - bin 0x16
2016-10-25 What is CTF? An introduction to security Capture The Flag competitions
2016-10-21 Explaining Dirty COW local root exploit - CVE-2016-5195
2016-10-18 Channel is growing and Riscure hardware CTF starting soon - loopback 0x01
2016-10-14 Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4
2016-10-11 Live Hacking - Internetwache CTF 2016 - exp50, exp70, exp80
2016-10-06 Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2
2016-10-04 Reverse Engineering with Binary Ninja and gdb a key checking algorithm - TUMCTF 2016 Zwiebel part 1
2016-09-30 The Heap: How to exploit a Heap Overflow - bin 0x15
2016-09-27 The Heap: what does malloc() do? - bin 0x14
2016-09-23 CSRF Introduction and what is the Same-Origin Policy? - web 0x04
2016-09-19 New Sandbox Bypass in 1.4.7 - XSS with AngularJS 0x3
2016-09-16 Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2
2016-09-13 XSS Contexts and some Chrome XSS Auditor tricks - web 0x03
2016-09-09 Capturing & Analyzing Packets with Saleae Logic Pro 8 - Reverse Engineering A/C Remote part 2


