Episode 108: How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello
Critical Thinking - Bug Bounty Podcast - A podcast by Justin Gardner (Rhynorater) & Joel Margolis (teknogeek) - Joi

Episode 108: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joseph bring on Aaron Costello to discuss SaaS security and misconfigurations as a bug class. He also gives some in-depth examples from Salesforce, ServiceNow, and Power Pages.

Follow us on Twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: [email protected]

Shoutout to https://x.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: AppOmni. Get AppOmni's Definitive Guide to SaaS Security: https://www.criticalthinkingpodcast.io/AppOmni

Today's Guest: https://x.com/ConspiracyProof

====== Resources ======
Aaron's Blog
https://www.enumerated.ie/
Data Exposure and ServiceNow: The Elephant in the ITSM Room
https://www.enumerated.ie/index/servicenow-data-exposure
Salesforce Lightning - An in-depth look at exploitation vectors for the everyday community
https://www.enumerated.ie/index/salesforce
Lightning Components: A Treatise on Apex Security from an External Perspective
https://go.appomni.com/hubfs/Collateral/AppOmni_Labs_White_Paper_Apex_Security.pdf?utm_campaign=Network%20Computing&utm_source=referral&utm_content=network_computing
Microsoft Power Pages: Data Exposure Reviewed
https://appomni.com/ao-labs/microsoft-power-pages-data-exposure-reviewed/

====== Timestamps ======
(00:00:00) Introduction
(00:03:00) Aaron Costello, Arbitrary File Upload, & App Cache Manifest Poison bug
(00:13:37) SaaS Misconfigurations as a bug class
(00:43:27) Salesforce Misconfigurations
(01:11:30) Microsoft Power Pages