Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs
An update on Apple v. Corellium, some 3DS vulnerabilities, and some drama on this weeks episode. [00:00:34] Remote Chaos Experience https://media.ccc.de/c/rc3 [00:20:06] Apple Inc. v. Corellium, LLC https://www.courtlistener.com/docket/16064642/784/apple-inc-v-corellium-llc/ [00:28:17] The Great Suspender - New maintainer is probably malicious https://github.com/greatsuspender/thegreatsuspender/issues/1263 [00:36:59] An HTML Injection Worth 600$ Dollars https://medium.com/bugbountywriteup/a-html-injection-worth-600-dollars-5f065be0ab49 [00:44:06] Zoom Meeting Connector Post-Auth Remote Root https://packetstormsecurity.com/files/160736/zoomer.py.txt [00:46:21] Hijacking Google Docs Screenshots https://blog.geekycat.in/google-vrp-hijacking-your-screenshots/ [00:49:49] Nintendo 3DS - Improper certificate validation allows an attacker to perform MitM attacks https://hackerone.com/reports/894922 [00:52:02] Nintendo 3DS - Unchecked number of audio channels in Mobiclip SDK leads to RCE in eShop movie player https://hackerone.com/reports/897606https://twitter.com/forestillusion/status/1341230631913541633https://news.ycombinator.com/item?id=25508782 [00:55:45] Apple macOS 6LowPAN Vulnerability [CVE-2020-9967] https://alexplaskett.github.io/CVE-2020-9967/ [01:01:24] An iOS hacker tries Android https://googleprojectzero.blogspot.com/2020/12/an-ios-hacker-tries-android.html [01:14:29] Turning Imprisonment to Advantage in the FreeBSD ftpd chroot Jail [CVE-2020-7468] https://www.thezdi.com/blog/2020/12/21/cve-2020-7468-turning-imprisonment-to-advantage-in-the-freebsd-ftpd-chroot-jail [01:18:36] Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More) https://arxiv.org/abs/2012.07432 [01:27:17] Helping secure DOMPurify (part 1) https://research.securitum.com/helping-secure-dompurify-part-1/ [01:28:23] A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation https://github.com/ant4g0nist/Vulnerable-Kext [01:30:01] PS4 7.02 WebKit + Kernel Chain Implementation https://github.com/ChendoChap/ps4-ipv6-uaf/tree/7.00-7.02 Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)