Quick episode with four somewhat simple bugs in JPEG parsing, a remote memory disclosure in libcurl due to the difference `sizeof(long)` on Linux vs Windows, and a heap out of bounds write in the Linux Kernel.
Just one vulnerability this week, a secure boot bypass, and some research into detecting compiler introduced bugs. Ending the week with a discussion about how to learn fuzzing.
Lets talk about "sidedoors" this week, with two vulnerabilities abusing alternative access points, along with an overly verbose error message that actually had some immediate impact, and a look at the challenges of client-sided session.
This week we discuss taint analysis and where to use it compared with fuzzing, a couple buggy code patterns in Go to be on the lookout for, and another remote stack-overflow in the Kernel TIPC module.
CSRF lives again in the form of CORF, Cross-Origin Request Forgery with an attack against Grafana. We also take a look at some baby monitor issues and a de-anonymization attack against Twitter.
A discussion heavy episode this week as we speculate about how some XNU code passed muster, and how to exploit a small overflow and weaponizing a large info-leak.
A "maybe" issue this week in Ruby's net/http library, some long chains leading to XSS, and a look at abusing parameter injection for SSRF in applications integrating with the Google Drive API.
Binary ninja 3.0 just dropped, lets talk about that, then into pwnkit and a couple kernel bugs, and ending this week off with a discussion about dealing with imposter syndrome.
A new security-related humble bundle, MFA bypass in Box, and a a few older style vulnerabilities: lfi2rce, allow-list bypass with an @ sign, and insecure random number seeds.
Short episode this week, stack smashing, integer overflowing and a more logical issue. Ending off with a discussion about what to do when you're stuck on CTFs.
This week is a shorter episode looking at some bad code in mermaid.js and Moodle's Shibboleth plugin, and a bit of research regarding URL parsing issues.
We are back for the first 2022 binary episode, and its all kernel. Obtaining root through an hours long exploit process on Ubuntu thanks to an invalid free, use-after-free in XNU due to bad locking, and some terrible code in Samsung S20 DSP kernel driver with multiple integer overflows.