Fingerprinting Exploit Devs, BLURtooth and Punking Punkbuster
02:04:56 Share

Every wondering how you might fingerprint and trace exploit devs in the wild? Wondered what a backdoor in a D-Link router looks like? Want to hack Facebook (for Android)? We have all of that and more!

• [00:00:43] Google: Android Partner Vulnerability Initiative)

• https://bugs.chromium.org/p/apvi/issues/list?q=&can=1)

• [00:02:55] Project Zero: Announcing the Fuzzilli Research Grant Program)

• [00:08:40] GitHub: Code scanning is now available)

• [00:16:39] Hunting for exploits by looking for the author's fingerprints)

• [00:22:26] Forcing Firefox to Execute XSS Payloads during 302 Redirects)

• [00:27:10] Exploiting fine-grained AWS IAM permissions for total cloud compromise)

• https://medium.com/bugbountywriteup/aws-iam-explained-for-red-and-blue-teams-2dda8b20fbf7)

• [00:38:04] BLURtooth (the BLUR attacks) )

• [00:44:25] Arbitrary code execution on Facebook for Android)

• [00:51:44] [stripo] Public and secret api key leaked in JavaScript source)

• [01:00:14] [GitLab] Unvalidated Oauth email results in accounts takeovers on 3rd parties)

• [01:06:03] Hacking Grindr Accounts with Copy and Paste)

• [01:16:37] Exploiting Other Remote Protocols in IBM WebSphere)

• https://portswigger.net/web-security/deserialization/exploiting)

• [01:25:57] The Anatomy of a Bug Door: Dissecting Two D-Link Router Authentication Bypasses )

• [01:38:36] Hacking Punkbuster.)

• [01:43:26] Race Condition in handling of PID by apport [CVE-2020-15702])

• [01:57:24] Hardware Hacking Experiments)

• [01:59:11] How I automated McDonalds mobile game to win free iPhones)

• [01:59:42] Voyager - A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel))

• [02:00:28] zznop/sploit: Go package that aids in binary analysis and exploitation)

Watch