Episode 56 - Rooting iOS, Hacking with cURL, and the end of Use-After-Free

Some solid exploit development talk in this episode as we look at an iOS vuln, discuss the exploitability of a cURL buffer overflow and examine a new kernel UAF mitigation.

• [00:00:43] Improving open source security during the Google summer internship program
  
• [00:03:35] Justices seem wary of breadth of federal computer fraud statute
  
• [00:11:37] Update regarding Snapchat SSRF
  
• [00:12:53] A 3D Printed Shell
  
• [00:20:19] Site Wide CSRF on Glassdoor
  
• [00:24:24] [GitLab] Stored-XSS in error message of build-dependencies
  
• [00:27:44] Playstation Now RCE
  
• [00:32:29] MS Teams RCE (Important, Spoofing)
  
• [00:38:34] An iOS zero-click radio proximity exploit odyssey
  
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=1982
    
• [00:54:58] [curl] heap-based buffer overrun in /lib/urlapi.c
  
• [01:02:51] Google Duo: Race condition can cause callee to leak video packets from unanswered call
  
• [01:05:35] Linux kernel heap quarantine versus use-after-free exploits
  
  • https://lore.kernel.org/kernel-hardening/CAG48ez1tNU_7n8qtnxTYZ5qt-upJ81Fcb0P2rZe38ARK=iyBkA@mail.gmail.com/T/#u
    
• [01:13:23] Hey Alexa what did I just type? Decoding smartphone sounds with a voice assistant
  
• [01:22:57] XS-Leaks Wiki
  
  • https://security.googleblog.com/2020/12/fostering-research-on-new-web-security.html
    
• [01:27:14] Hacking 101 by No Starch Press
  
• [01:33:40] Gamozo Labs FuzzOS
  

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)