In this week's episode, we cover an attack utilizing HSTS for exploiting Android WebViews and abusing YouTube embeds in Google Slides for clickjacking. We also talk about the infamous CUPS attack, and the nuances that seem to be left behind in much of the discussion around it.
In this week's episode, we discuss Microsoft's summit with vendors on their intention to lock down the Windows kernel from endpoint security drivers and possibly anti-cheats. We also talk cryptography and about the problems of nonce reuse.
We are back and testing out a new episode format focusing more on discussion than summaries. We start by talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak and talk a bit about what it means and how it happened.
We are seeking feedback on this format. We are particularly interested in hearing from those of you with more of a bug bounty or higher-level focus: would an episode like this still be appealing? If you want to share any feedback, feel free to DM us (@__zi or @specterdev) or email us at media [at] dayzerosec.com
Many resources for learning exploit development focus on specific tricks rather than underlying principles. My roadmap aims to teach the fundamentals of memory corruption to help you grasp modern, complex exploits.
Memory corruption is a difficult problem to solve, but many such as CISA are pushing for moves to memory safe languages. How viable is rewriting compared to mitigating?
Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future.
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN.
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a CRLF injection in .NET's FTP functionality is detailed.
In the 250th episode, we have a follow-up discussion to our "Future of Exploit Development" video from 2020. Memory safety and the impacts of modern mitigations on memory corruption are the main focus.
In this episode we have a libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.