[bounty] OverlayFS to Root and Parallels Desktop Escapes
More bug bounty style bugs, but you'd be forgiven reading that title thinking we had a low-level focus this episode. We got some awesome bugs this week though from tricking Dependabot and abusing placeholder values, an IIS auth bypass. Ending off with a kernel bug (OverlayFS) and a VM escape (Parallels Desktop)
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/211.html
[00:00:00] Introduction
[00:00:28] Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
[00:12:39] Placeholder for Dayzzz: Abusing placeholders to extract customer informations
[00:19:40] Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3
[00:33:44] PwnAssistant - Controlling /home's via a Home Assistant RCE
[00:39:26] The OverlayFS vulnerability [CVE-2023-0386]
[00:44:01] Escaping Parallels Desktop with Plist Injection
The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
#BugBounty #BugHunting #InfoSec #CyberSec #Podcast
Create your
podcast in
minutes
It is Free