# Protobuf Hacking, AI-Powered Bug Hunting, and Self-Improving Claude Workflows (Ep. 165)

## Metadata

- **Channel:** Critical Thinking - Bug Bounty Podcast
- **YouTube:** https://www.youtube.com/watch?v=J8wFq51TtMs

## Contents

### [0:00](https://www.youtube.com/watch?v=J8wFq51TtMs) Segment 1 (00:00 - 05:00)

Claude can also do the hosting now. Like you can literally just say like host it, — you know, and then it will go do that, you know. I did that for the Zero Trust World thing. — Best part of Viking when you can just, you know, critical think, right? — Yeah, dude. All right, y'all. We've talked about ThreatLocker Ringfencing a lot. We know how it allows you to set ACLs and policies for exactly what an application is allowed to do in your network. But today, I'm going to tell you how it does that. Okay, three technologies. Minifilter drivers, Windows Filtering Platform, and Ex version kernel notification routines. Minifilter drivers are essentially a co hook or callback for um IO requests. Okay, so when you're trying to write or read from a file, you can create a hook with those and approve or deny based off of the ThreatLocker ACL. Windows Filtering Platform, similar situation, but for connect bind uh requests, right? You can say, okay, hey, is this process allowed to talk to port 443 over there on the internet? Yes or no, approve or deny. Lastly, you've got Ex version kernel notification routines. The Ex version is important because uh it allows you to approve or deny versus just getting a notification from the kernel. Um and this is specific for um hooking various native API calls like NtCreateUserProcess which is what you would use to like spin up powershell.exe or something like that. Okay, so those three are very useful to ThreatLocker's Ringfencing core technology. Hope you enjoyed learning how this is implemented. Check out ThreatLocker if you think your work could benefit from something like that. All right, let's go back to the show. All right, dude. So uh I actually have a confession to make. — Uh-huh. So you don't uh me like that. So you remember on the pod a couple months ago when I said I'll never give a talk ever again. — Yes. — So I accidentally gave a talk. — You already did it.
— I already gave a talk at Zero Trust World and it was so much fun, dude. Oh my gosh, it was great. And uh like obviously ThreatLocker is great. They sponsor the pod. They're they're really um instrumental to what we do here on the pod. But that conference is freaking great, man. Is it massive? Yeah. And my talk I just can I brag on it for just a second course. Like I was so pleased because I I roll up there and I like you know get everything set up and then the people start coming in and they gave laptops to every participant too at the workshops. Like the laptops were sitting in the seats you know that were there for them to use. You don't take them home but like you know they prepared them for you in advance. They imaged them and everything. So anyway, all of the seats fill up and then uh there's still a lot long line of people and then they come up that you know the ThreatLocker team comes up and they're like, "Hey Justin, uh sorry to do this to you, but the line is like around the corner still. We need to put you in this bigger room." So, like last minute before the talk starts, we move like 400 people to this next room, you know, and then that room fills up and there's people standing in the back and uh the turnout was awesome and the crowd was so engaged, man. They were like doing the labs uh like along we had more than half of the people, you know, raised their hands saying I finished the lab, you know, — uh which was sick. — What was the lab? — So, — okay, so the lab was and this is where I'm sorry, thank you for bringing me back around there. This is where all of this comes back to which was — the reason I don't didn't want to do talks is because I freaking hate prepping slides. — Yeah, you don't want to prep, right? — But just like you said, all you do is you write an outline in a MD file and then you just give it to Claude Code and it just builds a website with for you with all of your slides on it.
And that is the best for us as hackers because not only is like — are you dealing with HTML rather than like drag this element here, you know, that sort of thing. Uh but you also can just build the labs in like the interactive workshop directly into the slides. — Oh, that's dope. — It's awesome, dude. It's freaking awesome. And uh it was so fun to present. No issues. You know, you just drop it on a VPS. Yeah. — It's all, you know, more or less static. So it's like, okay, you 500 people brute forcing on it at the same time is not going to cause a problem or whatever. Yeah. — Um, — so anyway, dude, that's awesome. — I I'm back. I do kind of like giving talk. I love giving talks and the slide prep is not that bad anymore, so I'm very pleased. — Okay. I do have to give you a hard time, though. Did I see something that said you signed some stickers? — Okay. Yes. — Okay. Famous Justin. People are gonna collect your signed stickers. — Listen, man. Listen. That was shout out to Everett, head of partnerships. He's like, "Hey, man. I'm going to buy this Sharpie that we need to sign the stickers." And actually, people really liked that, though. So, after the uh the talk, you know, I they were like, we gave out a couple signed stickers with codes, you know, to get free

### [5:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=300s) Segment 2 (05:00 - 10:00)

swag for CTB on them. And then people were coming up afterwards like, "Hey, can you sign the sticker?" And I'm like, "Okay." You know, and so I don't know. — That's cool. No, I actually really like my uh I think um Network Chuck for you and I both like wrote like DC the date last year when he gave us like Network Chuck stickers and I that's like one of my favorite stickers on my laptop. Yeah, — I will say it is kind of wearing off so we need another one Chuck if you see this. But — yeah. Yeah, the silver Sharpie is the way to go apparently according to Everett. So um yeah, really great conference. I'm definitely going to go back next year. Uh I thought it was a blast and the venue was really good. ThreatLocker killed it on how they put it on. Um, and so I'm going to go back and I really like that it has aspects of like there's definitely some more like corporate cyber security stuff there, but then there's also like literally hands on the keyboard hacking stuff labs as well, right? So, I think it's like a good like CISO and technical, you know, conference, which I think is pretty rare. It's one or the other typically. — That's dope. Also, by the way, if you hear like hammering or tile cutting, we have contractors upstairs. So, — dude, I also have contractors upstairs right now. That's funny. We're hopefully Richard, try your best with this episode, man. — Yeah, I'm going to try to mute between stuff, but we'll see. — Yeah. All right. Um, we got a couple of time. Yeah. — Yeah. Not a lot of time. So, let's jump through it. You you're up first. — Okay. [snorts] Sweet. Um, I mean, a lot of this uh episode don't let it scare you away. I think it'll be really interesting. You know, obviously I've often been talking about hacking AI, but this is going to be about using AI to hack. not the whole episode, but a lot of my content is.
And I and I'm doing that honestly because it feels like it's in the zeitgeist, which if people don't know what that means, it's like that's what's in the culture right now. Like if you're on X, everyone's just like blowing up talking about using AI to hack and there's like overreactions and there's bad takes and there's like good takes. And so anyways, a bunch of the things I'm going to mention are like relevant to that. Um our boy Sweetly or Sweet Lie, however you want to pronounce it. [snorts] Um updated bbscope. He has like a website and like he updated the open source code. So if you don't want to use the website, you can just like spin up your own instance of it. But um I've always loved this. I you know where I'm kind of like a recon guy and love big fuzzing. I've always loved bbscope to just like dump all this all of the scope for like because you know there are uh things like is it adiches like targets BBcope something GitHub that's like useful for all the public programs but if you want all of your privates which is really you know where often things are more likely to be found you can use bbscope to dump that. Um, and the like HackerOne a while back added like an API key so you're not using something sketchy where you're like pasting in your cookies and all that. Um, and so anyways, he has a big new upgrade and I think you shared with me a link right before this which we'll drop it in the show notes that um, there was a pull request like he released this like a couple days ago and then as of like today there's no pull request that allows you actually just dump your reports which can be really useful. Now there is some drama around that uh, also if you want to get into that about whether you should give your reports. — I don't know. I think it's good. I think exactly what you did and what Corbin did as well where you just you dump your reports and you say Claude go build yourself a set of skills to implement the techniques that are referenced in this report.
I think that is really good idea. I haven't done it yet personally but — well Tommy's big push back against that is that we don't have the right to share it with third parties. So Tommy was going at me on X our last guest which by the way if you haven't seen that episode it's awesome. Go check it out. Yeah, you know Tommy's obviously due to his past a very by the book person these days right like he is very much by the book and I you know my personal belief is that if you've got you know if you've set it in the settings for major model providers that you trust like Google, OpenAI, Anthropic that they can't train on your data I don't think there's any risk with like importing your reports to Claude Code or Codex whatever to have it try to bypass or to find adjacent bugs to that or to build skills Um, if we get some sort of top down direction that we shouldn't do that, then maybe it's a different discussion. But anyways, that that's the drama around that part. — Yeah, dude. I I think it's I mean I think that we put these HTTP requests into Caido, you know, we put these requests into Burp, you know, like there are obviously it's different when it's going up to the cloud or whatever, but like they're hosting stuff in AWS, right? You know, HackerOne is, right? So there there's third parties going to be involved in here, right? Um, — and as long as there's some legal protection there around like, you know, they're not allowed to train on it. And, um, I just don't think that there's any chance that they're going to be going through the, you know, tens of trillions of tokens to go find like my report, you know, like it just it seems silly, — right? Yeah. — Like get your head out of the freaking like I'm the main character vibe here. Like no one gives a [ __ ] about your bug bounty reports. Like it's exactly like if you've got some crazy like zero day on Android, you know, then okay, maybe you need to be careful, you know, like a like one of those $2.5 million chains.
— If you have a Pegasus exploit, like maybe be careful. — Yeah. But like really if you're not in

### [10:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=600s) Segment 3 (10:00 - 15:00)

possession of something like that, — no one gives a [ __ ] dude. Like about you, you know, like — and I really — And I'm saying that as a higher profile individual, like no one gives [ __ ] about me. — Like it's Yeah. And I think what Alex said was really eye opening too that we do actually retain full IP to our reports. And so in some ways I think we do have um you know some types of um rights. I don't know exactly, you know, where all those boundaries are, but I think that it is at the end of the day still our IP. It is oftentimes the company's IP also for their use, but it still is also ours. So — dude, I actually just logged into claiming data-privacy-controls and turned off those little — Yeah. — little things. I haven't done that yet, so I'm glad you reminded me to do that. If you guys haven't done that, you could just log into claude.ai, go to your settings, go to the privacy tab, and turn those off. Um, — yeah, and maybe do that for each of your subs if you have multiple. — Exactly. Who knows You certainly don't have multiple, Joseph. So, — yeah, I've never mentioned that. No, I actually have three. Three right now, but I'm hoping to keep scaling up. So, — I feel like you're not allowed to say that, bro. — Okay, never mind. I don't have that many. — Anthropic is like I'm sorry, what'd you say? Um, yeah. So, all right, man. Well, that's good. Um, I actually, as their next topic, just wanted to give a shout out to uh our boy Matt Brown, who recently announced that he was going full-time and, you know, pulled the trigger, did it job. — Yeah. Is a full-time um, you know, pentest, content creator, bug bounty hunter, that sort of thing. So, if you guys haven't seen his channel, um, you're definitely going to want to go check it out. We'll link it in the description. He's nmatt0 on uh, Twitter. And um yeah, his content is just the best content out there around for IoT device hacking in my opinion. — Yeah.
And you know, I think that this is very resilient and important. Like obviously I think for being resilient and bug bounty, I think that you can look at games, look at desktop apps. Uh you know, there are things you can do to stay more resilient as like AI stuff kind of picks up. But I think going into hardware hacking is one of the smartest plays you can do if you have the time and the bandwidth to do it. And his YouTube channel is gold. like it's just the best at hardware hacking um on YouTube. And so and he's one of the boys, you know, he's he's been around the live hacking event scene. He's really cool. We got to support our friends. So — yeah, and uh I will say one of the things he announced in his video was that he is also doing training stuff by mass request. Um so he has two uh courses out there right now. Digital signal analysis for hardware hackers and beginner's guide to IoT and hardware hacking. Um, and guys, these are grossly underpriced. — Uh, these are like $200 and $50. — Oh gosh. — Uh, so yeah, I got to hit up my boy and be like, "What are you doing?" — Uh, like, but yeah, definitely go check those out. We're going to give away a couple subscriptions uh to this critical thinkers tier on Discord uh as a way to support Matt as he uh starts his endeavors here. But definitely a good place to get started with uh for hardware hacking if that's the route you want to go. — Yeah. And if you have any hardware stuff or want any type of pentest, like he does contract pentest. So if you're a company, definitely reach out to Matt. — Yeah. Um All right. What you got next? — Uh the second thing is probably short, so you might have me skip it. But Original Sicksec on X. Uh I feel like, um — people have maybe seen that before. Are you going to share? You want me to — No, go for it, man. — Oh man, I'm logged in. Um anyway, — oh share your screen. — Yeah, it's fine. I like to let you share or people can look it up themselves. Anyways, — I got you.
— Another bug bounty hunter who built a MCP style client for um accessing and listening to reports and stuff. Honestly, I was going to share this before Sweetly upgraded his bbscope. Um I'd rather have it all in one tool. So, I'll probably just use bbscope, but if anybody wants to use like a MCP for HackerOne to search your reports and that sort of thing, that's a good one to do. Okay. Uh yeah. So, my main thing um and this is like actually I'm going to let you go first. I'll let that be my second small one. Um you go first because my the rest of mine are all kind of around the same topic. Um Okay. — So, yeah. And that'll be like a bigger — discuss. Yeah, sure. I got you. So, um the next item that I had to share on the list was I've just been having a lot of success lately on Google with Protobuf related stuff. Okay. And and obviously there's like this ProtoJSON stuff that they're doing where you know uh they're removing the fields. It's kind of like protobuf but in JSON format. That is a necessity. You've got to know how to deal with that if you're going to hack on Google at all. That's not what I'm talking about. What I'm talking about is the actual protobuf stuff. Like there are a lot of parameters that are B64 encoded like you know binary protocol protobuf stuff. Um and I think a lot of people just get scared of it and assume it's signed or you know uh just don't mess with it. Um, and I've been messing with it and it's

### [15:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=900s) Segment 4 (15:00 - 20:00)

been giving me some good stuff. Uh, so I built a little Caido uh, convert workflow which I'll drop in the Discord. Um, that allows you to just inline inside of Caido uh, decrypt those uh, or I shouldn't say decrypt denode decode those um, uh, Protobuf Base64 encoded strings. Okay. — And then you can just kind of look at them. They're not going to have the key values, right? That's the sad thing about Protobuf is just has the value. But um you can look at the value and kind of extrapolate what's going on there. Uh and so you'll see nested protobuf. So protobuf inside of protobuf. And uh you know, I'm not going to lie, it does get to be a little bit of a pain. But if you de, you know, decode all of that stuff and you look deep into it, you'll find ids, you'll find, you know, strings that you see get manifested in the UI. Uh and those things have some really crazy impact once you start understanding it. — Yeah. It actually unlocks the ability to hack stuff that you kind of weren't able to like even like test before. — Yeah, absolutely. And I did want to give just a really quick um explanation of how Protobuf stuff works here. Um they've got a bunch of different you know features of Protobuf. But one of the things that I wanted to mention was that uh there are you know length delimited strings, right? So you can say okay I've got the string it's this length and it's you know sort of standard binary protocol like that but um they also encode the wire type, a field number and continuation flag inside of it um and that's kind of what the you know single eight bits recommend uh represents there. So I I'll explain very briefly the first three bits are the wire type. So this is like oh you got a var you've got a string you've got a you know a fixed integer size um that's going to be encoded in those first three bits in the next four bits you've got the actual field number that is associated with this content.
So if you have the protobuf um representation, you can map, you know, the key names back to the values. But if not, you're just going to get the — field number that is associated with this specific value, right? — Um and that takes uh No, that's f. — Uh no, that's five. five — four bits. — The last bit is uh the continuation — which allows you to continue expanding that metadata and then um you've got your actual data representation. So it's a little bit complex but once you kind of wrap your head around it, it's not too bad. You got to familiarize yourself with the um different variable types and stuff like that. uh and all of that gets extracted away by this Caido convert workflow that I use and just allows me to see okay you know field one maps to this string field two maps to this integer that sort of thing and if you just have even that rudimentary level understanding of it then you can really pop some cool bugs if you can reverse you know write take Claude Code and say hey re write me something that reverses this uh and then you can inject into those various fields does that make sense — yeah know it makes sense — yeah and Claude is so good at it, man. Every time you hand it a buffer, it's like, "Oh, yeah, of course the Protobuf. Here's the Python script to" and I'm like, "Thank you." — Yeah. And that wasn't true a year ago. I actually wasn't. — Yeah. So, I've got a lot to say on that. But on the topic of Caido and I'm wearing the Caido shirt today um and Claude Code, we released by Sorry, we me and Justin are advisers, but uh Caido released a Caido skill for Claude Code or Codex or whatever to plug into. It's at github. com/kyosskills. But there's also a blog that's getting posted today and I'm posting a blog post about it as well kind of addressing some of the elephants in the room. Um but yeah, actually do you know can that skill yet uh it probably cannot because workflows are kind of complex. It can't edit workflows yet. — I don't think so.
But that is something we definitely want to build on the fly is like hey letting it hook in there and say hey build me a workflow to like decrypt this protobuf like oh my gosh — or implement this workflow that Justin uh made like you know install it for me in Caido. [snorts] — But I will say though the I'm sorry going back thing because it is sort of relevant to that like if you do get Claude to analyze these protobuf strings and I'll just say it straight as I can here. This is a really good area for you guys to use AI to find bugs that were not really as accessible a year ago without AI, right? Because Claude is very good at understanding these protobuf structures. So you give it this string and it can easily create you a program to reverse those and you know re-encode them in the right format, right? They do sometimes have checksums for those in Google's architecture inside of those protobufs. Uh, but dude, Claude is like a very high hit rate of like being able to just look at it and be like, "Oh, yeah, that clearly is the checksum for this." So, I'll just

### [20:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=1200s) Segment 5 (20:00 - 25:00)

calculate that based off of the And I'm like, whoa, okay. Um, so definitely a good area to use those. And like you were saying, if we can get AI to be able to build workflows very easily inside of Caido. I think that'll be a big level up, too. So, maybe I'll try to add that to the skill within the next couple weeks before this airs. — Yeah, it already has a ton of functionality. So, um, Emil and Yan added some really cool SDKs that are now plugged into that skill. So, it can like add findings, edit requests, search HTTP history, like add match replace stuff. I really want it to I really want them to, and I think in the next release they're going to add it, be able to mess with the sitemap tree because I think it'd be really cool to like um have some sort of like coverage map where you and because they're adding plugin to plugin um — plugin to plugin, what's that called? Conversation. — Yeah. Well, no disc like uh not compatibility. Anyways, the ability for plugins to communicate. Communication is the word I was looking for. — Yeah. — Um and I think having like a sitemap coverage tree would be so cool where it like it puts the sitemap into like a plugin and then it like marks them all red and then like as you and Claude Code like add them to replay and test things, it like turns them all green and so you can be like, "Oh, I've definitively tested all this." It makes me think of a long time ago, — I heard that like Space Raccoon used to do that like when especially when he first got started. He would basically list out every API endpoint and like every query and then like all the bug class he likes to check for and he would have like a coverage map in Google Sheets and he would just test every single thing and then he would end up finding a bunch of bugs that way because he was way more thorough than anyone else. Right. — That jerk man.
You know, the same thing that Ron Chan did that really like messed with me was like he's like, "Oh yeah, I just need you need to be so thorough. You need to like test every field and every value for every field of every endpoint of every mutation of every freaking I'm like dude like stop, you know?" And uh I don't know. I'm still so jaded from this one live hacking event where I spent like an hour on this one, you know, trying to exploit this one endpoint and he popped in and got arbitrary ATO on like GitHub or something or no on GitLab and this is before he worked with them — and it was because you missed like a single key, right? — Yeah. And it's like, you know, it's like one of the weird, you know, values of the GraphQL schema that like doesn't look like it's going to do anything, so you don't even really check it, but then it like completely bypasses the whole auth scheme. It's like but yeah um dude thoroughness is important — on that exact same topic because it's like just relevant to all of this Claude Code when hacking for um me and XSS Doctor basically found a high or maybe it's a critical on like a major company by looking at like the survey endpoints like that's just the stuff that I always ignore you know like this just stuff that's like feedback submission survey junk same things with same thing with those headers that there was like that big finding on last year like trace headers or It's like these things that like we get so used to as bug hunters uh used to ignoring that sometimes, you know, Claude or um whatever we're using, we'll end up testing. So, — dude, are you even hacking anymore, bro? Are you just like directing Claude? Like, every time I hear you talking about it, you're just like directing Claude. — Yeah, I feel like my job is more triage and validation like over the last six weeks. — It's crazy.
And I mean I don't think that it in any way I mean I'm sure over time it will degrade skills but in general I find that it's like uh leveling up my heuristic for like where to look and what to look at and it's also um yeah it's just finding stuff that I would have not found right and so it's expanding my scope and my understanding of these applications especially on big targets like Google like just the random gadgets and information it finds about architecturally about these targets levels up my understanding architecturally where even if Claude Code were to go away, I now understand Google's infrastructure way better. — Yeah. I think that is the plus. I will say that I have found myself becoming a little bit lazy though. Oh yeah. Like the other day I like a buddy of mine found a CSS injection and I was like, "Oh yeah, dude. I'll just use like my stuff to hack this" and I was like, "Oh man, I'm going to have to like set up the font leak and the ligatures and all right, let me go do it." And I started doing I was like, "Oh, I'll have Claude do it." And then I spent like two hours trying to get Claude to do it and Claude couldn't do it. — Oh, you could have just done it. — No, I know. I could have just done it myself and I'm like, "No, I'm just going to like get Claude to do it." And then it like, you know, and then you run it for the first five minutes and and it's like, "Oh, wow. It's doing everything. Like, this is going to be so fast." And then something's off and but you have no idea what because you didn't do any of it, you know, and it's like, — "Dang it." Uh, so I don't know. Sometimes you get big wins, but sometimes there's misses on that as well, I think. — Yeah. All right, dude. Here's the major topic. You got one more thing before I jump to this whole major topic. — Okay. Yeah, I do. Okay.
[clears throat] Um, so I wanted to mention as well, and I I've mentioned this, I think, briefly on the pod before, but I've actually been finding a lot of permissions issues, client side bugs recently, and I wanted to mention a chain that is uh that is pretty good that maybe people can use. So, um, one of the vulns I found recently was a CSRF of sorts to

### [25:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=1500s) Segment 6 (25:00 - 30:00)

start recording with the victim's mic. Uh, and then you know what would happen is if after a certain period of time, it would take whatever you said, transcribe it, and put it into their service, right? — Okay. — And so I was like, okay, well, if I go to the site and I click allow, you know, allow this site to always access my microphone or whatever, um, then this doesn't require any user interaction at all. You could it can just start recording your microphone at any time. Um so what I did is I did a login CSRF to my own account. — Wow. — Then I you know audio record CSRFed uh the endpoint to start recording. — Sick. — And then after a certain period of time it would you know cut the recording and then upload it to my account. — It's in your account. Yeah. — Right. So now I can just effectively spy on the user. Um and yeah it's I mean it seems to hit pretty well. I've reported this a couple times now and it and you know they care about this. Um I think it's a little bit of a flaw with the whole concept of like domain locked permissions — because — it almost needs to be account locked, right? — It does it Because if you know — Yeah. basically this is like a really — it but like you know is going to be on my account. If it's on my account I'm fine with it recording, right? But if it if somebody login CSRFs their own account, then I'm going to, you know, now I'm just uploading data into somebody else's account, you know, and it's this is not good. — Well, I just love it because I think that taking a gadget like CSRF, like login CSRF, and turning into something impactful is really cool. — Yeah. So anyway, and then there's also the concept that I've talked about before of like permission delegation down into iframes. like whenever you're seeing an iframe that you can control, make sure you check the permissions, you know, the allow um attribute on that to like know whether it's allowing like screen recording, mic recording, any of those things.
And that whether those permissions are being delegated from the top level frame down into the iframe and if it is, then you might be able to abuse those as a third party iframe inside of a trusted top-level page. — Right. Yeah, I remember you'd mentioned that. What's the name of that attribute again? Yeah, I think it's like the I'm gonna go pull it up right now, but it's like the allow iframe permissions. Pull it up on MDN. — Yeah, the allow property. Yeah, we the allow property of the HTML iframe element indicates the permissions policy specified for this iframe. — So, yeah, that's the one. — All right, dude. So, in a private Discord that you and I are in, I've had lots of discussions. I had these same discussions back whenever AI was like getting a little bit better at coding and it was like getting better at image gen and video gen. You know, I was always like in there hyping it up as I as the hype man that I am. But um I would get some push back, you know, like, oh, I can definitely tell this is AI and that sort of thing. And it eventually kind of passed. You know, of course, you can still tell sometimes when things are AI, but it is getting harder. But anyways, now that discussion has now kind of moved into over the last like week or two, can AI hack things, right? And I'm sure if you're on X at all, you've probably seen all these discussions. People are blowing up tweets like, "I found this with Claude Code and I found that with Claude Code." And it's brought out in my opinion a couple different like um thoughts. And these are in my most recent blog post that I just put up on the site. Um but the thoughts that um I often feel compelled to believe are things like even my grandma could do it, right? Um, and there was some like really cheesy AI slop about my grandma finding a bug, you know, not literally mine, but the person who was posting it. Sorry for hitting my mic.
And um, and I, you know, and I think that I am like I tend to overestimate what other people can do, especially people who don't have our skill set for like our understanding, for how we see bug bounty, how we see life, how we see coding, how we sell Cervers. And in fact, you know, in building like small AI apps um, for just like friends and family, when someone says thank you, I'm like, "Ah, don't worry about it. Claude did it. And my wife's like, "Stop saying that. " Like, sure, that's kind of true, but you know how to host a server. tell it what to do. You know like how it should build it. And then when things don't work, you know how to fix it. Like you're basically leveraging all of your technical expertise to like actually make this possible, right? And so I kind of disagree with that though, dude. Like totally I agree with you, but like Claude can also do the hosting now. Like you can literally just say like host it, — you know, and then it will go do that, you know? I did that for the zero trust world thing. I was like, — but when you say host, it's going to say like where do you mean to host it? Right? And so like for somebody who's nontechnical, it's going to say like, okay, well, do you have a virtual server anywhere? And when grandma says no, it's going to be like, okay, well, you need to go sign up on this website, right? And then get me an API key. It's like we know what API keys are. We know how to sign up for websites. we know and like that is a low barrier entry but what I'm saying what I'm trying to say here is I think that — when I say you know kind of anyone can do it I'm talking about like anyone with

### [30:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=1800s) Segment 7 (30:00 - 35:00)

knowledge of APIs and servers and who has done some hacking right and at that point I think I'm 1000% correct but I don't think that like anyone can do it right — so okay I so yes I agree but I think the difference between you and I who are like spending like time deploying stuff hacking things you know very technical in the weeds, right? And my friend Tobias, who is uh, you know, business IT automation, you know, is what he loves to do. — The gap between me and him just got a lot smaller — because he can now say to Claude, "Okay, yeah, you need a VPS, I got you. Here's, you know, the IP address and I set the password to this. Log in." And then it just logs in and does it, right? You know, he can do that. Yeah. go grab an API key and and you know, if you get give it an API key for Digital Ocean, it'll just get the domain, it'll grab the thing, you know, it can do all of that, right? Um, so I don't know. I on one hand, certainly that's true, but I think the gap for between him and us just got a lot smaller, and I also think it superpowers us, you know, to be able to do things like the gap between me and the person that invented Protobuf, you know, like you know, there's tiers to this and I think Claude helps helps, you know, take people that have a general knowledge of something and be able to actually implement it, which is really beautiful. — Yeah. No, I agree. And I think that for the I think for anyone who is just like slightly further down, they can just keep asking like, "Okay, well, how do I do that?" Okay, that? And when everybody's in that mindset, it really does um level everyone up. 
But the other thing that kind of hit me was like um so let's say your buddy your IT buddy spins it he spins up a VPS he's using Claude Code he's getting into bug bounty he's like okay go find these bugs all right so now what's the next limiting factor is he doesn't know what is a false positive and so this is another thing that actually Patrick pointed out to me — and it's and you know because I'm kind of like I kind of hate the fact that like any salesperson right now could just go use Claude Code make a hackbot and then go like rip a bunch of local businesses off like running his hackbot as like a pentest as a service and selling pentest, right? But I think that the difference um and obviously business owners can't differentiate this, but the real difference between that and what I'm doing or what you're doing is that we do know, right? When it when it says jackpot critical finding, we're like, yeah, that's just a wildcard CORS and it's not — there's a chance it's actually valid. — Yeah. Exactly. And I do think um if you are building this and you're having those issues, the pro tip here is basically play whack-a-mole with those errors, right? As you run it over the next week, go back and look at the false positives and incorporate those back into the prompt. Like, hey, when you found this, it was a false positive because of this. When you found this, you said it was a critical on my rating. That's more like a low or medium. I still reported it, but like you know, like basically play whack-a-mole with the issues it has and it will improve. And so, I think that that's a good tip. But I do think that that's another place where our intelligence is baked in um to what we just expect of others but that they might not be able to actually have or do because it often will even take me a while to fully grok and to fully validate some of these bugs. Um and it's because they're like weird ones, right? It's like it's not using my knowledge. 
It has knowledge about stuff that I don't even understand, right? And so then I have to go understand and figure that out. — Now we understand what it feels like to be a triager, you know, where they're like, "Oh, we just got this report." Like I don't being a triager I think is a really crazy skill, you know, like you've got to be able to, you know, figure out the threat model, look at this person's attack vector that you've never heard of before, — figure out if it's valid, you know, it's pretty cool. Um, but yeah, I don't know, man. I think one of the areas I'm underusing Claude right now is like getting more customization and playing whack-a-mole, like you said. Like I'll often just really rely on like very few things that I have in my CLAUDE.md file, a handful of skills and then just spend most of the time actually just explaining to it. — Okay. Well, that what to do. — Okay. Well, stop. Let me fix that for you. It It's going to take like three lines. Really, it makes a big difference. You just need to add to your CLAUDE.md. Anytime I get frustrated or anytime I have to re-explain something to you that you did not understand or anytime that you like try one command and it fails and you try another command and it fails, add that to the applied learning section in your CLAUDE.md and it will literally grow. Like every time you use Claude, it improves. It's like a self-improving loop that will then level up your own local Claude that will make it much better. — What? [sighs] Okay. — Are you mad you didn't do this? Do you disagree with what is it? — No, I just like I don't know, man. I like I don't really I like I feel like is it going to know what things I want to have it improve on? Like I don't get frustrated with Claude. I don't say like listen here you dummy. You know, like I I tell it, "Hey, do this." And I try to, you know, I don't know. — Okay, here's what I noticed when

### [35:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=2100s) Segment 8 (35:00 - 40:00)

I'm using it. I'll say, "Hey, go pull up whatever that we were working on last week. Go find it." And what will it do? It'll run like 20 different bash commands. It'll try to find it in some places. It'll try to use this thing. It'll use too wide of a thing. It'll find too many files. It'll find too few. Right? Ever since I added that thing that I just told you now, what it does, like once it's like had to try something and got a bunch of errors or not found what it's looking for, it will then update information. It'll be like, you know, when Joseph asked me to look for session files in claude, they're located includes. Right now, the next time I ask it to search, it only searches once. And so it basically improved itself which saves tokens and then like saves frustration, saves time. — Okay. All right. Fine. I'll give it a shot. I'll add it. All right. Um Okay. Be before we we close though, um one of the things I did want to discuss was I think there's this whole concept of like token FOMO right now where people are like, I should be really utilizing my Claude Max subscription to the absolute max. I think you're doing a great job of that. Um they integrated CL uh Claude RC which is something that I was really looking forward to with um like just being able to take your Claude session and you know resume it on your phone and give it instructions in the real time but it doesn't support dangerously skip permissions which is something that you essentially have to use if you're using Claude because it's like it's going to run 50 bash commands you know and you're like I don't want to press yes every single time like I want you to sit in this container that I've got you in — and then do whatever the heck you want in my little container, you know. Um, so I don't know, man. Do you have any good solution for that? I was kind of disappointed by RC. — Uh, I just haven't needed it. I didn't need OpenClaw or RC. 
And it's specifically because I just deployed a Discord bot that creates a thread and in that thread, it's the same thing as a Claude session. So, I just have a private Discord server. I just — What do you just like about this? — Doesn't look as good though, right? Like — Oh, it looks great. Let me see if I can take a good screenshot and share it with you all. Uh, I want to do it very quickly, but basically — put it in the doc or something because Yeah, maybe. — Yeah, I'll put it in the doc, but basically what — redact it. — Yeah, that's fine. What it looks like is, have you ever even seen this? This is a little pro tip for the listeners, too. Did you know that uh Discord has a diff um code block type? — Ah, — send me a message. Send me a message to Discord. Actually, everyone listening along in Discord, do backtick backtick diff. And then have some lines with a plus and minus. The lines with a plus will be green. minus will be red. — Oh, interesting. Wow. What the heck, — dude? It's beautiful. And you can So, you can just have it write that out. So, I have mine write out all the tool calls, all the things. Let me see if I can um show you. — You don't have to redact in real time. You can just put it in the doc and then we'll redact it afterwards. And — Okay. Yeah. Well, let me when I show you what this looks like, you're going to be like, uh, I need that. I'm gonna put it in the doc and Yeah, we'll just put it Yeah, that's true. We can just like do an overlay or I can even find a better picture. Okay, I just put in the doc. What do you think? This is what my threads look like. — Yeah, that looks pretty good, man. — Yeah, you can see exactly what it's running. And I even have it snip if it's too long. — And um and I have it where I can like send audio messages in. So like — What about control O? — Control O. Oh, to show more. Yeah, I can't do control O, but I do have things like um you know how you can control C if it's like going down a rabbit hole? 
— Yeah, — you just send in like a stop command, it stops it. Um, — okay. — Yeah. So, — and you just had it code up this bot for you? — Yeah, I had to code up this bot. I would maybe be willing to share it. I'll think about that. But either way, I mean anyway, — there's plenty of solutions out there, I'm sure. — Yeah. And I will say you have to write custom handlers for like each tool call type. So, let me show you this in the doc. Um, basically what I'm showing for the listeners only is that you know how there's a todo write and like a todo read. So, I have mine use emojis for like the todo write. So, like right here, you can see it. It's already finished all the to-dos at the top and it's working on the bottom one. And so, it updates that as it goes and it writes that out. — Um, — wait, does it go back and update the message — or does it write a new to-do list every time? — No, it's writing a new to-do list. Yeah, but it doesn't matter because I'm just watching the bottom anyways. And at the top of these um new threads, I have it give me the d-res. So, if I need to go like jump on this on the VPS, I have a copy and pasteable command to jump straight into this session. — What are you so skeptical for? This is great. I can just hack from my phone basically like with continue. Oh yeah, sorry. I have that too. So if I do slash my Discord bot um resume, I can paste in the resume. So this is basically like the RC continue or remote control. — Sure. — From my local U machine or from my VPS and it will resume that session. So then I can walk away and keep going. — Wait, do you have this running on your local machine and on your VPS? — Um no, the bot doesn't actually have access to local. So, it's only you could do the same thing if you wanted to, but it would have to pick it up from local or SCP it or something. — But, — yeah. All right, man. I don't know. I I just like I It's not good. The Claude interface, the Claude Code interface on the phone is not good. It It's bad

### [40:00](https://www.youtube.com/watch?v=J8wFq51TtMs&t=2400s) Segment 9 (40:00 - 44:00)

but it looks how I want it to look. — Yeah. — You know, like, and it feels how I want it to feel, but like the implementation is really bad. — Here's the diffs, by the way, since we're about to end. Um, here's like the type of diffs it writes whenever it's updating stuff for me. — Oh, wow. Dang. That's super gorgeous. — I know. It's actually easier on the eyes than the um TUI. — Dang. Okay. All right. Maybe that one I'll give you a maybe on. I will definitely go add to my CLAUDE.md file, you know, the self-improvement loop thing. But uh — well, here's the thing about the Discord bot. You don't have to use it. Like what it's really useful for is a lot of times on my VPS, like let's say I'm out and about and you know, somebody messages me as like, "Hey, here's this critical thing. Can you validate it real quick?" I will then just like pull up my phone, pull up Discord, do like start a new session in that new thread and just be like, "Hey, validate this for me." Or I'll say like, "Hey, you know, my website went down. Can you check out like check the logs real quick, check the errors?" It's kind of like my DevOps engineer on speed dial in Discord where I'm already at anyways when I'm out and about when I don't have my computer. And so I can both hack from remote or check on things via remote or download things or I can say like host this from my friend at this path and I can do all of that without my computer. — Yeah. But like can you do that? Like does it take images? Does it take voice recording and stuff like that? Because even with Claudebot I had issues with that back in the day. — Yeah. No day being like three weeks ago when got popular. — No mine does accept um attachments — and it does accept voice. Um, I don't have it accepting images, but I mean it would be mostly trivial to use. I just never have to give it images. So, — yeah, that makes sense. All right, man. We'll see. We'll give it a shot. 
I feel like this episode was like a bunch of us talking about Claude, but the world is really changing, man, with the way that it works with uh with bug bounty stuff right now. I think — Yeah, actually, let me respond to that with the like even though we're going over by like one minute here. I do have to go pick up my daughter. But I think that people who are annoyed by us talking about AI or AI hacking like they're just like they are just they did they're just missing out or they're just being um like grumpy about it because like even if you're only going to use it to just write code for you to like reproduce something or even if you're only going to use it to host a PoC like you're silly to not use it for some things like that, right? Or even if you're only going to use it for reversing RPC like let's you don't have to use it as your full-blown hackbot if you don't want to. Like I know Bus Factor, he like just really wants to be human in the loop with it, right? But it found him a high on a program that pays 8K for highs last night and before that he was kind of like skeptical, didn't really like it, was kind of just like piecing it together or copying and pasting from chat bots. And now I think he's probably going to be hooked because that one bug will pay for his usage for three years, right? And — um and there's no doubt it's going to get better. So that's one thing I didn't get to mention was, you know, I think the reason why this is so possible like Hackbots worked a year ago, right? 
expo or whatever like companies were able to do some stuff with it but you had to have a bunch of like specialized uh wrappers specialized prompts and the reason for that was because the models were not that smart you needed the internal monologue of experts or good reports in the context you don't need that anymore because Claude Opus 4.6 even Sonnet 4.6 and I think Douglas Dman using Haiku and finding bugs with it he's found like five figures worth of bugs like in the last couple weeks and he's using like mostly Haiku is because they went in cyberbench from like 30% to like 69% of pass rate. What this means is the models actually understand hacking better than they ever have before on this most recent release. And so anyways, people can be skeptical, people can be mad. I don't really care. I think that this is going to continue to impact our industry and it you have the opportunity to really like level up and make more money this year, more bugs. Um, and people should do it. So — yeah. Well, GG, man. I think that's true. And I think, you know, just a moment ago, I sort of had that experience with Shift a while back, you know, and I got that 15k bounty. And every time I just recently had to go and uh refill my OpenRouter with credits. I was like, "Oh, man. Do I put another 200 bucks on here?" And I'm like, "Wait a second. This has already paid for itself time and time and time again, you know. So, yeah, it's definitely worth it." All right, let's make let's uh let's call it a wrap then. Yeah. — Perfect. Yep. Peace, guys. — Peace. Good pod. And that's a wrap on this episode of Critical Thinking. Thanks so much for watching to the end, y'all. If you want more critical thinking content, uh, or if you want to support the show, head over to ctbb.show/discord. You can hop in the community. There's lots of great high-level hacking discussion happening there on top of master classes, hackalongs, exclusive content, and a full-time hunters guild. 
If you're a full-time hunter, it's a great time. Trust me. All right, I'll see you there.

---
*Source: https://ekstraktznaniy.ru/video/32013*