ESP32 Backdoor Drama and SAML Auth Bypasses

Day[0]

Вміст надано dayzerosec. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією dayzerosec або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.

6M ago 1:14:08

MP3•Головна епізоду

Discussion this week starts with the ESP32 "backdoor" drama that circled the media, with some XML-based vulnerabilities in the mix. Finally, we cap off with a post on reviving modprobe_path for Linux exploitation, and some discussion around an attack chain against China that was attributed to the NSA.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/277.html

[00:00:00] Introduction

[00:00:25] The ESP32 "backdoor" that wasn't

[00:14:26] Speedrunners are vulnerability researchers

[00:27:58] Sign in as anyone: Bypassing SAML SSO authentication with parser differentials

[00:38:47] Impossible XXE in PHP

[00:52:41] Reviving the modprobe_path Technique: Overcoming search_binary_handler() Patch

[01:04:15] Trigon: developing a deterministic kernel exploit for iOS

[01:06:43] An inside look at NSA (Equation Group) TTPs from China’s lense

Podcast episodes are available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9

282 епізодів

#Tech #dayzerosec