@albinowax you're the most awesome hacker. And your talks are always top notch.

Thank you for what you do

The best video on this topic so far

Thank you so much, sir!

What the hell? Cloudflare of all services doesn't think the unkeyed port param cache poisoning is an issue? What drugs are they taking, leaving in a vulnerability like that? I'm honestly baffled. Anyway thanks for the research man, this is some truly top quality stuff

thanks james allways mind blowing !!!!!!

26:14 the callback parameter was cache key and both ROR & CDN caches are splitting the parameters with & and ; . So why didn't the CDN notice that the callback parameter is different from the UTM_content parameter. So the CDN cache key for callback didn't even notice that the same cache key parameter is repeating second time? Why it wasn't, like callback(keyed)&(unkeyed); callback(keyed).

Very helpful, like always) thank you so much

Amazing !!!

Awesome Research

thanks you so much to share your great knowledge with us thanks you sir

Awesome! thanks James! A gif is needed to be made from 42:40 :D

Dope %amazing masterpiece

"for my next trick"

Good stuff but what about Cloudfront?

That's good. Thank you

True Legend !

love you sir

Thank you. Always as a crack.

good job :)

First Comment, love James Research

To let's go kick the cache with method of albinowax

යො බොසා

100th like