252 - Bypassing KASLR and a FortiGate RCE
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN.
Posts tagged 'Podcast'
251 - RCE'ing Mailspring and a .NET CRLF Injection
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality.
250 - Future of Exploit Dev
In the 250th episode, we have a follow-up discussion to our "Future of Exploit Development" video from 2020. Memory safety and the impacts of modern mitigations on memory corruption are the main focus.
249 - libXPC to Root and Digital Lockpicking
In this episode we have an libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.
248 - Binary Ninja Free and K-LEAK
In this week's binary episode, Binary Ninja Free releases along with Binja 4.0, automated infoleak exploit generation for the Linux kernel is explored, and Nintendo sues Yuzu.
247 - Hacking Google AI and SAML
A shorter episode this week, featuring some vulnerabilities impacting Google's AI and a SAML auth bypass.
246 - Rust Memory Corruption???
VirtualBox has a very buggy driver, PostgreSQL has an Out of Bounds Access, and lifetime issues are demonstrated in Rust in "safe" code.
245 - A PHP and Joomla Bug and some DOM Clobbering
This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobbering exploit. Also covered is a race condition in Chrome's extension API published by project zero.
244 - Linux Burns Down CVEs
Linux becomes a CNA and takes a stance on managing CVEs for themselves, and underutilized fuzzing strategies are discussed.
243 - GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023
In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and Portswigger publishes their top 10 list of web hacking techniques from 2023.