dayzerosec

103 - GitLab Prototype Pollution and Some Authentication Bypasses

30 November 2021

Short but sweet episode this week, prototype pollution, crypto issues, SSRF and some weird authentication.
- podcast
- bounty-podcast
102 - Hacking Neural Nets, a Chrome WebRTC UAF and Pwning Windows

24 November 2021

Some mroe kernel bugs this week as we look at bugs in Samsung's NPU driver (Android), Linux, and the WIndows Kernel.
- podcast
- binary-podcast
101 - Big Bounties by Exploiting WebKit's CSP & Concrete CMS Bugs

23 November 2021

What happens when a vendor refused to fix your bug? Well you can go claim a bunch of bounties with it. We also talk about some novel request smuggling research on this episode.
- podcast
- bounty-podcast
100 - DDR4 Rowhammer, Azure Bugs, "Essential 0days", and Backdoored IDA

17 November 2021

North Korea is at it again targeting researchers, 0day hoarding, breaching secure hardware, and fuzzing on this weeks episode.
- podcast
- binary-podcast
99 - Rust in the Web? A Special Guest and some Bad Crypto

16 November 2021

We are joined by Bastian Gruber to start the episode with a discussion about Rust. Then we'll dive into a few interesting vulnerabilities this week including yet another ECDSA implementation issue and some header smuggling research.
- podcast
- bounty-podcast
98 - A too trusty TrustZone and a few Linux Kernel bugs

10 November 2021

Some interesting vulnerability envrionments this week, some Trusted App issues, a couple Linux Kernel vulns, and a look at memory safety issues in unsafe Rust.
- podcast
- binary-podcast
97 - A MacOS SIP Bypass & an XSS Fiesta

09 November 2021

A discussion heavy episode this week, starting off with the "new" Trojan Source attackers, and then talking about a handful of interesting vulnerabilities.
- podcast
- bounty-podcast
96 - Type Confusion in Android NFC, PHP-FPM Local Privilege Escalation, and CallbackHell

03 November 2021

This week we dive into PHP-FPM internals to look at escelating from a worker process to the root process, anotehr GDI bug, and a type confusion.
- podcast
- binary-podcast
95 - Discourse SNS RCE, a Stored XSS in GitLab, and a Reddit Race Condition

02 November 2021

A couple unique vulns this week involving getting extra coins on Reddit, and bypassing certificate checking for a Discourse RCE.
- podcast
- bounty-podcast
94 - A Kernel Race, SuDump, and a Chrome Garbage Collector Bug

27 October 2021

We start off this week with a look at in-the-wild 0days from the past seven years, before diving into some pretty awesome bugs this week including a OOB access in Squirrel (programming language), a couple Linux kernel issues and a Chrome garbage collector bug.
- podcast
- binary-podcast
93 - A Slack Attack and a MySQL Scientific Notation Bug

26 October 2021

Just four bugs this week, but that all are somewhat interesting, from an Instagram 2FA removal, deanonymizing Slack users, a MySQL bug, and how to get cheap reddit coins.
- podcast
- bounty-podcast
92 - WebKit Bugs, a Windows Race, and House of IO Improved

20 October 2021

Tianfu Cup happened this week, we also got some cool windows and webkit issues, along side an improvment to the House of IO attack
- podcast
- binary-podcast
91 - WebSocket Hijacking, GitHub review bypass and SQLi to RCE

19 October 2021

Just a handful of traditional vulns this week: IDOR, CSRF, SQLi, a logic vuln and zi's boomer side starts to show.
- podcast
- bounty-podcast
90 - HyperKit Bugs & an Open5GS Stack Overflow

13 October 2021

Uninitialized variables everywhere in Hyperkit, and a Open5GS stack-based buffer overflow.
- podcast
- binary-podcast
89 - SharePoint RCE & an Apache Path Traversal

12 October 2021

A simple to exploit path traversal in Apache...in 2021, a one-time-password defeat by having it be send to the attacker and victim, and more JWT issues.
- podcast
- bounty-podcast