16 September 2024 Show Notes 255 - Iterating Exploits & Extracting SGX Keys 00:04:55 Exploiting CVE-2024-20017 4 different ways Additional Links: https://dayzerosec.com/blog/2021/05/22/from-ctfs-to-real-exploitation-part-3.html 00:22:26 Intel SGX Fuse Keys Extracted Additional Links: https://eprint.iacr.org/2016/086.pdf https://sgx101.gitbook.io/sgx101/sgx-bootstrap/attestation https://x.com/_markel___/status/1828112469010596347 https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-08-29-001.html 00:51:01 Introducing the URL validation bypass cheat sheet Additional Links: https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet