Jailbreaks, Stealing Playstation Accounts, and Automatic Exploit Generation

This week we talk a bit about some Black Friday deals before jumping into another SD-WAN pwn, some jailbreaks, and research into automatic exploit generation. [00:00:40] Black Friday is coming... VMWare - Usually ~35% off Shodan - $5 lifetime, last year they ran the deal before and after Black Friday so pay attention. Pluralsight - 40% off INE - 40% off (access to all eLearnSecurity courses) Cybrary.it - $600 off PentesterLab - Last year was 13.37% off NoStarchPress - Last year was 42% off O'Reilly Online Learning - $199/year (normally $500/yr) Pentester Academy - 70% off (covid "perma-deal") [00:10:03] Oracle Security Alert - CVE-2020-14750 https://twitter.com/chybeta/status/1323220987442208769 [00:13:34] FileZilla "Scale Factor" field is vulnerable of Buffer Overflow [00:21:33] Playstation Access Token Stealing https://hackerone.com/reports/826394 [00:27:54] SD-PWN Part 2 - Citrix SD-WAN Center - Another Network Takeover [00:37:19] Exploiting dynamic rendering engines to take control of web apps [00:42:34] Privileged Container Escape - Control Groups release_agent [00:47:23] Modern attacks on the Chrome browser [00:58:57] Jailbreaks Never Die - Exploiting iOS 13.7 [01:08:27] Kernel Exploitation with a File System Fuzzer [01:13:57] Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])

Om Podcasten

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.