Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs
A lot to cover in this episode, from high performance fuzzing on GPUs, to low-cost pentesters, and APT groups. And, of course many vulns from GitHub RCEs to VMWare Workstation race conditions. [00:01:21] Youtube-dl Cease and Desist [00:14:33] Let’s build a high-performance fuzzer with GPUs! https://gamozolabs.github.io/2020/10/23/some_thoughts_on_gpu_fuzzing.html [00:29:07] Samsung S20 - RCE via Samsung Galaxy Store App [00:33:24] Jitsi Meet Electron - Arbitrary Client Remote Code Execution [CVE-2020-27162] https://github.com/jitsi/jitsi-meet-electron/blob/40866232594442ea77d5144deebcd38ed3d362be/main.js#L126 [00:39:14] 2FA Disable With Wrong Password - Response Tampering. [00:41:22] HTTP Request Smuggling due to CR-to-Hyphen conversion https://hackerone.com/nodejs?type=team [00:46:56] GitHub Gist - Account takeover via open redirect [00:53:19] GitHub - RCE via git option injection (almost) [00:56:36] GitHub Pages - Multiple RCEs via insecure Kramdown configuration [01:01:38] Gateway2Hell - Multiple Privilege Escalation Vulnerabilities in Citrix Gateway Plug-In [01:09:02] Remote code execution on Symfony based websites [01:18:40] Detailing Two VMware Workstation TOCTOU Vulnerabilities [01:25:15] Linksys WRT160NL – Authenticated Remote Buffer Overflow [CVE-2020-26561] [01:32:03] The FreeType Project - Heap buffer overflow due to integer truncation [01:38:54] Uncovering the Hidden Dangers: Finding Unsafe Go Code in the Wild [01:45:15] NSA Warns Chinese State-Sponsored Malicious Cyber Actors Exploiting 25 CVEs [01:57:15] Penetration Testing and Low-Cost Freelancing [02:23:24] WPScan.io "XSS" [02:28:24] MITRE - Adversarial Threat Matrix [02:29:16] Shoutout to Alh4zr3d Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])