In this episode we have a libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html
[00:00:00] Introduction
[00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-2024-1403]
[00:05:19] xpcroleaccountd Root Privilege Escalation [CVE-2023-42942]
[00:10:50] Bypassing the “run-as” debuggability check on Android via newline injection
[00:18:09] Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2: discovered vulnerabilities)
[00:43:06] Using form hijacking to bypass CSP
The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our Discord: https://discord.gg/daTxTK9