Its a web-exploit heavy episode impacing Apple, Hasicorp, Azure, Google, and even a DOMPurify Bypass. Then we end-off with a look into benchmarking fuzzers, and a look at the House of Muney heap exploitation technique.
Every wondering how you might fingerprint and trace exploit devs in the wild? Wondered what a backdoor in a D-Link router looks like? Want to hack Facebook (for Android)? We have all of that and more!
Lets go back in time to look at the leaked WinXP source, and a Half-Life 1 exploit. And, while we are at it a couple Instagram vulns and a cheap hardware attack against Android.
A "trivial" Bhyve VM escape, a BitWarden "RCE", a ModSecurity "Denial of Service" and more scare quotes for your enjoyment in this week's episode.
Leading off this week's discussion is the news about the now remote CCC and Offensive Security's plans to retire OSCE. On the exploit side of things, this week we have a few recent bug bounties including a Google Maps XSS, a FreeBSD TOCTOU, and a couple of Linux kernel vulnerabilities.
A quick chat about E2E Crypto and Zoom, followed by a few noteworth exploits including Bluetooth impersonation, a 15-year old qmail CVE, NordVPN, and an RCE in Google. Ending with some mitigation research looking at making singlely linked lists safe, XSS prevention, and Code-Reuse Gadgets.
Over the last year or so, I've been working with the OpenOrbis team to develop a toolchain for building homebrew for the PS4, and one of the challenges we faced was porting a proper libc to the console. This article dives into some of the interesting lessons learned while porting MUSL to the PS4.
Are iOS 0days now worthless? Can you hack a satellite...or hackerone? Are WAFs worthwhile? And more on a fairly discussion heavy episode of DAY[0].
It was a busy week, Microsofts Github account was hacked, Centurylink Routers have no security, and multiple interactionless RCEs in Samsung phones.
Authentication bypasses, SQL injection, command injection, and more in this web-exploit heavy episode.