Sign up to save your podcasts
Or
Share Fake Vulns, More Valve, and an AWS Cognito issue
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Day[0]](https://podcast-api-images.s3.amazonaws.com/corona/show/870239/logo_300x300.jpeg){kind=logo}
Fake Vulns, More Valve, and an AWS Cognito issue
Kicking off the week with some awesome vulns, an "almost" padding oracle in Azure Functions, a race-condition in AWS Cognito, some sound engine bugs, and a Foxit Reader Use-after-free.
[00:00:52] Arbitrary Code Execution in the Universal Turing Machine [CVE-2021-32471]
[00:03:18] Detecting and annoying Burp users
[00:08:08] Enabling Hardware-enforced Stack Protection (cetcompat) in Chrome
[00:13:00] Password reset code brute-force vulnerability in AWS Cognito
[00:16:52] ASUS GT-AC2900 Authentication Bypass [CVE-2021-32030]
[00:20:10] The False Oracle - Azure Functions Padding Oracle Issue
[00:25:30] How I Hacked Google App Engine: Anatomy of a Java Bytecode Exploit
[00:38:01] Workplace by Facebook | Unauthorized access to companies environment
[00:42:39] Exploiting the Source Engine (Part 2) - Full-Chain Client RCE in Source using Frida
[00:53:11] [Valve] OOB reads in network message handlers leads to RCE
[01:01:07] Security probe of Qualcomm MSM data services
[01:05:17] Foxit Reader FileAttachment annotation use-after-free vulnerability
[01:09:45] Attack llvmpipe Graphics Driver from Chromium
[01:16:00] Privilege Escalation Via a Use After Free Vulnerability In win32k [CVE-2021-26900]
[01:26:25] 21Nails: Multiple vulnerabilities in Exim
[01:27:22] nRF52 Debug Resurrection (APPROTECT Bypass)
[01:28:56] Capture The Flag - Discussion Video
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@dayzerosec)
View all episodes
By dayzerosec
4
1010 ratings
Kicking off the week with some awesome vulns, an "almost" padding oracle in Azure Functions, a race-condition in AWS Cognito, some sound engine bugs, and a Foxit Reader Use-after-free.
[00:00:52] Arbitrary Code Execution in the Universal Turing Machine [CVE-2021-32471]
[00:03:18] Detecting and annoying Burp users
[00:08:08] Enabling Hardware-enforced Stack Protection (cetcompat) in Chrome
[00:13:00] Password reset code brute-force vulnerability in AWS Cognito
[00:16:52] ASUS GT-AC2900 Authentication Bypass [CVE-2021-32030]
[00:20:10] The False Oracle - Azure Functions Padding Oracle Issue
[00:25:30] How I Hacked Google App Engine: Anatomy of a Java Bytecode Exploit
[00:38:01] Workplace by Facebook | Unauthorized access to companies environment
[00:42:39] Exploiting the Source Engine (Part 2) - Full-Chain Client RCE in Source using Frida
[00:53:11] [Valve] OOB reads in network message handlers leads to RCE
[01:01:07] Security probe of Qualcomm MSM data services
[01:05:17] Foxit Reader FileAttachment annotation use-after-free vulnerability
[01:09:45] Attack llvmpipe Graphics Driver from Chromium
[01:16:00] Privilege Escalation Via a Use After Free Vulnerability In win32k [CVE-2021-26900]
[01:26:25] 21Nails: Multiple vulnerabilities in Exim
[01:27:22] nRF52 Debug Resurrection (APPROTECT Bypass)
[01:28:56] Capture The Flag - Discussion Video
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@dayzerosec)
More shows like Day[0]
View all
Critical Thinking - Bug Bounty Podcast
56 Listeners