05 January 2021 Show Notes 58 - Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs 00:00:34 Remote Chaos Experience 00:20:06 Apple Inc. v. Corellium, LLC 00:28:17 The Great Suspender - New maintainer is probably malicious 00:36:59 An HTML Injection Worth 600$ Dollars 00:44:06 Zoom Meeting Connector Post-Auth Remote Root 00:46:21 Hijacking Google Docs Screenshots 00:49:49 Nintendo 3DS - Improper certificate validation allows an attacker to perform MitM attacks 00:52:02 Nintendo 3DS - Unchecked number of audio channels in Mobiclip SDK leads to RCE in eShop movie player Additional Links: https://twitter.com/forestillusion/status/1341230631913541633 https://news.ycombinator.com/item?id=25508782 00:55:45 Apple macOS 6LowPAN Vulnerability [CVE-2020-9967] 01:01:24 An iOS hacker tries Android 01:14:29 Turning Imprisonment to Advantage in the FreeBSD ftpd chroot Jail [CVE-2020-7468] 01:18:36 Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More) 01:27:17 Helping secure DOMPurify (part 1) 01:28:23 A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation 01:30:01 PS4 7.02 WebKit + Kernel Chain Implementation