Is Pwn2Own worth it for bug bounty hunters? A handful of trivial command injections, and some awesome WAF bypasses.
Will AI be your next vuln research assistant? ... Maybe? We also talk about a stack-based overflow in `ping` and a Huawei hypervisor vuln.
A variety of issues this week, DOM Clobbering, argument injection, a filesystem race condition, cross-site scripting, and a normalization-based auth bypass.
The end of kASLR bypasses? Probably just click-bait, but the patch gap is real, and we discuss that a bit before getting into a couple of AI-based corruptions.
Some RCE chains starting with DNS rebinding, always fun to see, a fairly basic SQL injection, and a JS sandbox escape for RCE in Spotify.
A hardware heavy episode as we talk about two read protection bypasses, Pixel 6 bootloader exploitation and benchmarking fuzzers.
This week has the return of cross-site tracing, HTML injection, a Go-specific vulnerable code pattern, and a fun case-sensitivity auth bypass.
Is the compiler making exploitation easier? These divergent representations seem to do so. We also look at a Chrome UAF and a double stack overflow.
A Pixel Lockscreen bypass and some discussion about dupes in bug bounty, then a long RCE chain, and a look at client-side path traversals.
A lot of discussion about the OpenSSL vulnerability, fuzzing and exploitation. Then into an RCE in XML Signature verification, and a Samsung exploit chain.