New Sandbox Bypass in 1.4.7 - XSS with AngularJS 0x3

Walkthrough of the sandbox bypass for version 1.4.7 by Gareth Heyes that leads to XSS in AngularJS. mario heiderich @0x6d6172696f (https://cure53.de/) gareth heyes @garethheyes XSS without HTML: Client-Side Template Injection with AngularJS http://blog.portswigger.net/2016/01/x... An Abusive Relationship with AngularJS https://vimeo.com/165951806 =[ 🔴 Stuff I use ]= → Microphone:* https://geni.us/ntg3b → Graphics tablet:* https://geni.us/wacom-intuos → Camera#1 for streaming:* https://geni.us/sony-camera → Lens for streaming:* https://geni.us/sony-lense → Connect Camera#1 to PC:* https://geni.us/cam-link → Keyboard:* https://geni.us/mech-keyboard → Old Microphone:* https://geni.us/mic-at2020usb US Store Front:* https://www.amazon.com/shop/liveoverflow =[ ❤️ Support ]= → per Video:   / liveoverflow   → per Month:    / @liveoverflow   =[ 🐕 Social ]= → Twitter:   / liveoverflow   → Website: https://liveoverflow.com/ → Subreddit:   / liveoverflow   → Facebook:   / liveoverflow   =[ 📄 P.S. ]= All links with "*" are affiliate links. LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm. #WebSecurity

Join Today
Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4
▶︎

Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4

Sandbox Bypass in Version 1.0.8 - XSS with AngularJS 0x1
▶︎

Sandbox Bypass in Version 1.0.8 - XSS with AngularJS 0x1

Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2
▶︎

Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2

everything is open source if you know reverse engineering (hack with me!)
▶︎

everything is open source if you know reverse engineering (hack with me!)

Everyone Ignored Him… Until He Played | GUITAR PRO pretended TO BE HOMELESS
▶︎

Everyone Ignored Him… Until He Played | GUITAR PRO pretended TO BE HOMELESS

Reflected XSS with AngularJS sandbox escape without strings - Lab#25
▶︎

Reflected XSS with AngularJS sandbox escape without strings - Lab#25

Only 40 lines of code
▶︎

Only 40 lines of code

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones
▶︎

Co-Creator of Haskell: Functional Programming, Thinking in Types, Useless Languages | Simon Jones

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

DRY principle is why your codebase sucks?
▶︎

DRY principle is why your codebase sucks?

Buffer overflow on a modern system impossible? stack0: part 1 - bin 0x21
▶︎

Buffer overflow on a modern system impossible? stack0: part 1 - bin 0x21

We've Been Using The Wrong Science In Court For 50 years
▶︎

We've Been Using The Wrong Science In Court For 50 years

Tips for C Programming
▶︎

Tips for C Programming

See How a 453kg Giant Bluefin Tuna Is Flawlessly Carved in Seconds
▶︎

See How a 453kg Giant Bluefin Tuna Is Flawlessly Carved in Seconds

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #10
▶︎

SUMMER DEEP HOUSE Musics Mix 2026 ♫ Bruno Mars, Lady Gaga,Dua Lipa, Adele,Ed Sheeran, The Weeknd #10

Introducing the AngularJS Javascript Framework - XSS with AngularJS 0x00
▶︎

Introducing the AngularJS Javascript Framework - XSS with AngularJS 0x00

But what is the Fourier Transform? A visual introduction.
▶︎

But what is the Fourier Transform? A visual introduction.

Web Security Academy | XSS | 27 - Angular Sandbox Escape Without Strings
▶︎

Web Security Academy | XSS | 27 - Angular Sandbox Escape Without Strings

DEFCON 32, 2024 vlog | Hindi | Hackers World #defcon2024
▶︎

DEFCON 32, 2024 vlog | Hindi | Hackers World #defcon2024

Cross-Site Scripting (XSS) Explained And Demonstrated!
▶︎

Cross-Site Scripting (XSS) Explained And Demonstrated!