Lets go back in time to look at the leaked WinXP source, and a Half-Life 1 exploit. And, while we are at it a couple Instagram vulns and a cheap hardware attack against Android.
- [00:00:50] Windows XP Source Leak
- https://twitter.com/vxunderground/status/1309231131313737735
- https://twitter.com/dangeredwolf/status/1310067935902343170
- [00:12:49] "I'm not a fan of critical bugs"
- [00:28:01] API Keys leaked via Solana BBP github repo
- [00:36:34] Exploiting Tiny Tiny RSS
- [00:45:28] HackerOne Reflected XSS
- [00:50:37] Steam Arbitrary File Overwrite
- [00:55:23] Half-Life 1 Code Execution with malformed map name
- [00:59:09] uTorrent Vulnerability [CVE-2020-8437]
- https://raw.githubusercontent.com/guywhataguy/uTorrent-CVE-2020-8437/master/malicious.torrent
- [01:09:26] $25K Instagram Almost XSS Filter Link
- [01:14:57] #Instagram_RCE
- [01:26:44] Kernel exploitation: weaponizing [CVE-2020-17382]
- [01:34:07] Bypass Android MDM
- [01:41:17] XSS without arbitrary JavaScript
- [01:48:40] security things in Linux v5.7
- [01:56:48] Code Review 101
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])