Podbean logo
  • Discover
  • Podcast Features

    Your all-in-one podcasting solution.
    Blog to Podcast

    Turn your blog into an engaging podcast.
  • Livestream

    High-performing audio live, without limits.
    Podcast Studio

    Easy-to-use audio recorder app.
  • Podbean AI

    AI-Enhanced Audio Quality and Content Generation.
    Podcast App

    The best podcast player & podcast app.
  • Ads Marketplace

    Join Ads Marketplace to earn money
    through sponsorship on your podcast.
    PodAds

    Manage your ads with dynamic ad insertion capability.
  • Apple Podcasts Subscriptions Integration

    Effortlessly publish and manage exclusive episodes for your
    Apple Podcasts subscribers directly from Podbean.

  • Live Streaming

    Receive livestream rewards from your audience and earn
    recurring income from your Fan Club membership.

  • All Arts Business Comedy Education
  • Fiction Government Health & Fitness History Kids & Family
  • Leisure Music News Religion & Spirituality Science
  • Society & Culture Sports Technology True Crime TV & Film
  • Live
  • How to Start a Podcast
  • How to Start a Live Podcast
  • How to Monetize a podcast
  • How to Promote Your Podcast
  • How to Use Group Recording
  • Log in
  • Start your podcast for free
  • Podcasting
    • Podcast Features
    • Livestream
    • Podbean AI
    • Blog to Podcast
    • Podcast Studio
    • Podcast App
  • Monetization
    • Ads Marketplace
    • Apple Podcasts Subscriptions Integration
    • Live Streaming
    • PodAds
  • Advertisers
  • Enterprise
  • Pricing
  • Discover
    • Log in
    Sign up free
Day[0]

Day[0]

Technology

[bounty] Tailscale RCE, an SQLi in PAM360, and Exploiting Backstage

[bounty] Tailscale RCE, an SQLi in PAM360, and Exploiting Backstage

2022-11-29
Download Right click and do "save link as"

Some RCE chains starting with DNS rebinding, always fun to see, a fairly basic SQL injection, and a JS sandbox escape for RCE in Spotify.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/171.html


[00:00:00] Introduction

[00:00:38] RCE in Tailscale, DNS Rebinding, and You [CVE-2022-41924]

[00:17:55] SQL Injection in ManageEngine Privileged Access Management [CVE-2022-40300]

[00:22:34] Unauthenticated Remote Code Execution in Spotify’s Backstage

[00:36:28] Till REcollapse

[00:41:19] Chat Question: Alternatives to IDA Freeware


The DAY[0] Podcast episodes are streamed live on Twitch twice a week:

-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities

-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.


We are also available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec


You can also join our discord: https://discord.gg/daTxTK9


view more

More Episodes

[binary] kCTF Changes, LogMeIn, and wlan VFS Bugs
2024-02-14
[bounty] The End of a DEFCON Era and Flipper Zero Woes
2024-02-13
[binary] The Syslog Special
2024-02-07
[bounty] Public Private Android Keys and Docker Escapes
2024-02-06
[binary] Busted ASLR, PixieFail, and Bypassing HVCI
2024-01-31
[bounty] Reborn Homograph Attacks and Ransacking Passwords
2024-01-30
[binary] Bypassing Chromecast Secure-Boot and Exploiting Factorio
2024-01-17
[bounty] A GitLab Account Takeover and a Coldfusion RCE
2024-01-16
[binary] Allocator MTE, libwebp, and Operation Triangulation
2024-01-10
[bounty] Spoofing Emails, PandoraFMS, and Keycloak
2024-01-09
[binary] RetSpill, A Safari Vuln, and Steam RCE
2023-12-22
[bounty] IOT Issues and DNS Rebinding
2023-12-19
[binary] Samsung Baseband and GPU Vulns
2023-12-06
[bounty] Buggy Cookies and a macOS TCC Bypass
2023-12-05
[binary] Hypervisor Bugs and a FAR-out iOS bug
2023-11-29
[bounty] Kubernetes Code Exec and There Is No Spoon
2023-11-28
[binary] A Heap of Linux Bugs
2023-11-22
[bounty] Prompting for Secrets and Malicious Extensions
2023-11-21
[binary] A Bundle of Windows Bugs
2023-11-15
[bounty] Usurping Mastodon and Broken Signature Schemes
2023-11-13
  • ←
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • →
012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store Download Podbean app on Google Play

Create your
podcast in
minutes

  • Full-featured podcast site
  • Unlimited storage and bandwidth
  • Comprehensive podcast stats
  • Distribute to Apple Podcasts, Spotify, and more
  • Make money with your podcast
Get started

It is Free

  • Podcast Services

    • Podcast Features
    • Pricing
    • Enterprise Solution
    • Private Podcast
    • The Podcast App
    • Live Stream
    • Audio Recorder
    • Remote Recording
    • Podbean AI
  •  
    • Create a Podcast
    • Video Podcast
    • Start Podcasting
    • Start Radio Talk Show
    • Education Podcast
    • Church Podcast
    • Nonprofit Podcast
    • Get Sermons Online
    • Free Audiobooks

  • MONETIZATION & MORE

    • Podcast Advertising
    • Dynamic Ads Insertion
    • Apple Podcasts Subscriptions
    • Switch to Podbean
    • YouTube to Podcast
    • Blog to Podcast
    • Submit Your Podcast
    • Podbean Plugins
    • Developers

  • KNOWLEDGE BASE

    • How to Start a Podcast
    • How to Start a Live Podcast
    • How to Monetize a Podcast
    • How to Promote Your Podcast
    • Mobile Podcast Recording Guide
    • How to Use Group Recording
    • Podcast Advertising 101

  • Support

    • Support Center
    • What’s New
    • Free Webinars
    • Podcast Events
    • Podbean Academy
    • Podcasting Smarter
    • Badges
    • Resources

  • Podbean

    • About Us
    • Podbean Blog
    • Careers
    • Press and Media
    • Green Initiative
    • Affiliate Program
    • Contact Us
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
  • Consent Preferences
  • Copyright © 2015-2024 Podbean.com