Day[0] Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs
Oct 27, 2020
02:31:05
A lot to cover in this episode, from high performance fuzzing on GPUs, to low-cost pentesters, and APT groups. And, of course many vulns from GitHub RCEs to VMWare Workstation race conditions.
- [00:01:21] Youtube-dl Cease and Desist
- [00:14:33] Let’s build a high-performance fuzzer with GPUs!
- [00:29:07] Samsung S20 - RCE via Samsung Galaxy Store App
- [00:33:24] Jitsi Meet Electron - Arbitrary Client Remote Code Execution [CVE-2020-27162]
- [00:39:14] 2FA Disable With Wrong Password - Response Tampering.
- [00:41:22] HTTP Request Smuggling due to CR-to-Hyphen conversion
- [00:46:56] GitHub Gist - Account takeover via open redirect
- [00:53:19] GitHub - RCE via git option injection (almost)
- [00:56:36] GitHub Pages - Multiple RCEs via insecure Kramdown configuration
- [01:01:38] Gateway2Hell - Multiple Privilege Escalation Vulnerabilities in Citrix Gateway Plug-In
- [01:09:02] Remote code execution on Symfony based websites
- [01:18:40] Detailing Two VMware Workstation TOCTOU Vulnerabilities
- [01:25:15] Linksys WRT160NL – Authenticated Remote Buffer Overflow [CVE-2020-26561]
- [01:32:03] The FreeType Project - Heap buffer overflow due to integer truncation
- [01:38:54] Uncovering the Hidden Dangers: Finding Unsafe Go Code in the Wild
- [01:45:15] NSA Warns Chinese State-Sponsored Malicious Cyber Actors Exploiting 25 CVEs
- [01:57:15] Penetration Testing and Low-Cost Freelancing
- [02:23:24] WPScan.io "XSS"
- [02:28:24] MITRE - Adversarial Threat Matrix
- [02:29:16] Shoutout to Alh4zr3d
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])