Binary Ninja's Decompiler, git credential leak, cross-platform LPEs episode artwork

EPISODE · Apr 21, 2020 · 2H 30M

Binary Ninja's Decompiler, git credential leak, cross-platform LPEs

from Day[0] · host dayzerosec

Zoom vuln worth $500k? Probably not... What is worth $500k? Binary Ninja's new decompiler...okay probably not but it is exciting.We've also got some stupid issues and some interesting LPEs this episode. [00:00:29] Cognizant suffers Maze Ransomware cyber attack [00:14:08] Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000 [00:27:46] How I Reverse Engineered the LastPass CLI Tool [00:35:59] State of the Ninja: Episode 13 [01:02:18] Riot offering up to $100k n Bug Bounty [01:05:31] Research Grants to support Google VRP Bug Hunters during COVID-19 [01:09:08] Denial of service to WP-JSON API by cache poisoning [01:11:43] CSRF to RCE bug chain in Prestashop [01:21:16] Unintended disclosure of OTP [01:24:20] JSON Web Token Validation Bypass in Auth0 Authentication API [01:27:06] git: Newline injection in credential helper [01:31:20] How Misleading Documentation Led to a Broken Patch for a Windows Arbitrary File Disclosure Vulnerability [01:36:34] Pwning vCenter with CVE-2020-3952 [01:45:19] Oracle Solaris 11.x/10 whodo/w Buffer Overflow [01:51:22] Linux Kernel EoP via Improper eBPF Program Verification [CVE-2020-8835] [01:57:39] Multiple Kernel Vulnerabilities Affecting All Qualcomm Devices https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c4f42c24e02ce82392d8f8fe215570568380c8ab [02:07:20] Ricerca Security: "SMBGhost pre-auth RCE https://blog.zecops.com/vulnerabilities/exploiting-smbghost-cve-2020-0796-for-a-local-privilege-escalation-writeup-and-poc/ [02:14:01] IJON: Exploring Deep State Spaces via Fuzzing [02:23:26] Pangolin: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction [02:27:45] GitHub - wcventure/FuzzingPaper

Episode metadata supplied by the publisher feed · Published Apr 21, 2020

Zoom vuln worth $500k? Probably not... What is worth $500k? Binary Ninja's new decompiler...okay probably not but it is exciting.We've also got some stupid issues and some interesting LPEs this episode. [00:00:29] Cognizant suffers Maze Ransomware cyber attack [00:14:08] Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000 [00:27:46] How I Reverse Engineered the LastPass CLI Tool [00:35:59] State of the Ninja: Episode 13 [01:02:18] Riot offering up to $100k n Bug Bounty [01:05:31] Research Grants to support Google VRP Bug Hunters during COVID-19 [01:09:08] Denial of service to WP-JSON API by cache poisoning [01:11:43] CSRF to RCE bug chain in Prestashop [01:21:16] Unintended disclosure of OTP [01:24:20] JSON Web Token Validation Bypass in Auth0 Authentication API [01:27:06] git: Newline injection in credential helper [01:31:20] How Misleading Documentation Led to a Broken Patch for a Windows Arbitrary File Disclosure Vulnerability [01:36:34] Pwning vCenter with CVE-2020-3952 [01:45:19] Oracle Solaris 11.x/10 whodo/w Buffer Overflow [01:51:22] Linux Kernel EoP via Improper eBPF Program Verification [CVE-2020-8835] [01:57:39] Multiple Kernel Vulnerabilities Affecting All Qualcomm Devices https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=c4f42c24e02ce82392d8f8fe215570568380c8ab [02:07:20] Ricerca Security: "SMBGhost pre-auth RCE https://blog.zecops.com/vulnerabilities/exploiting-smbghost-cve-2020-0796-for-a-local-privilege-escalation-writeup-and-poc/ [02:14:01] IJON: Exploring Deep State Spaces via Fuzzing [02:23:26] Pangolin: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction [02:27:45] GitHub - wcventure/FuzzingPaper

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

Binary Ninja's Decompiler, git credential leak, cross-platform LPEs

0:00 2:30:38

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Day[0]?

This episode is 2 hours and 30 minutes long.

When was this Day[0] episode published?

This episode was published on April 21, 2020.

What is this episode about?

Zoom vuln worth $500k? Probably not... What is worth $500k? Binary Ninja's new decompiler...okay probably not but it is exciting.We've also got some stupid issues and some interesting LPEs this episode. [00:00:29] Cognizant suffers Maze Ransomware...

Can I download this Day[0] episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!