In this episode we have a libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html
[00:00:00] Introduction
[00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-2024-1403]
[00:05:19] xpcroleaccountd Root Privilege Escalation [CVE-2023-42942]
[00:10:50] Bypassing the “run-as” debuggability check on Android via newline injection
[00:18:09] Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2: discovered vulnerabilities)
[00:43:06] Using form hijacking to bypass CSP
The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our Discord: https://discord.gg/daTxTK9