In the 250th episode, we have a follow-up discussion to our "Future of Exploit Development" video from 2020. Memory safety and the impacts of modern mitigations on memory corruption are the main focus.
[binary] A subtle iOS parsing bug and a PHP use-after-free
[bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln
[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs
[bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords
[binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages
[bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var
[binary] Chrome Heap OOB Access and TLStorm
[bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape
[binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit
[bounty] Pascom RCE, AutoWarp, and a GKE Container Escape
[binary] Dirty Pipe and Analyzing Memory Tagging
[bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi
[binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure
[bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions
[binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs
[bounty] CoinDesk, Zabbix, and Leaking Secrets Through Mirrored Repos
[binary] Another Kernel TIPC Bug, MySQL, and Buggy Go
[bounty] Baby Monitor Bugs, Grafana, and Twitter De-anonymization
[binary] Fastly Infoleak, Samba OOB Access, and Pwning MacOS
[bounty] Hacking Google Drive Integrations and XSS Puzzles
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
Lex Fridman Podcast
The Unbelivable Truth - Series 1 - 26 including specials and pilot