Universal Deserialization, Stealing Youtube Videos, and CTFs

A new universal deserialization gadget for Ruby, a Rocket.Chat SAML auth bypass, and some heap exploitation research. [00:00:36] Cybersecurity Knowledge and Skills Taught in Capture the Flag Challenges https://arxiv.org/pdf/2101.01421v1.pdf [00:10:36] Universal Deserialisation Gadget for Ruby 2.x-3.x https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html [00:13:54] Stealing Your Private YouTube Videos, One Frame at a Time https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/ [00:21:43] Rocket.chat - SAML authentication bypass https://hackerone.com/reports/1049375 [00:25:49] curl is vulnerable to SSRF due to improperly parsing the host component of the URL https://hackerone.com/reports/704621 [00:31:02] Issue 2095: Node.js: use-after-free in TLSWrap https://bugs.chromium.org/p/project-zero/issues/detail?id=2095 [00:35:28] Preventing Use-After-Free Attacks with Fast Forward Allocation https://gts3.org/assets/papers/2021/wickman:ffmalloc.pdf [00:49:38] Automatic Techniques to Systematically Discover New Heap Exploitation Primitives https://www.usenix.org/system/files/sec20fall_yun_prepub.pdf [00:59:50] A Samsung RKP Compendium https://blog.longterm.io/samsung_rkp.html [01:11:32] Analyzing CVE-2020-16040 https://faraz.faith/2021-01-07-cve-2020-16040-analysis/ [01:13:51] HexLasso Online https://suszter.com/hexlasso-online/ [01:15:30] A Side Journey to Titan https://ninjalab.io/a-side-journey-to-titan/ Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)

Om Podcasten

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.