This week we have a crazy crypto fail where some Android devices had updates signed by publicly available private keys, as well as some Docker container escapes.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/239.html
[00:00:00] Introduction
[00:00:22] Missing signs: how several brands forgot to secure a key piece of Android
[00:13:37] ModSecurity: Path Confusion and really easy bypass on v2 and v3
[00:21:24] runc process.cwd & leaked fds container breakout [CVE-2024-21626]
[00:24:23] Buildkit GRPC SecurityMode Privilege Check [CVE-2024-23653]
[00:27:49] Jumpserver Preauth RCE Exploit Chain
[00:43:49] 500$: MFA bypass By Race Condition
[00:49:52] HTTP Downgrade attacks with SmuggleFuzz
The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our Discord: https://discord.gg/daTxTK9