IDA...Go home, Sandboxie source, and some RCEs (TP-Link, Starcraft 1, OhMyZsh)
01:30:00 Share

Starting off the week with a discussion about the disappointing IDA Home, before moving into a few easy command injections, code-reuse attacks applied to XSS, detecting trojaned hardware and ending with a subtle crypto-bug.

• [00:00:45] DAY[0] Episode Transcripts now Available)

• [00:02:53] Microsoft Buys Corp.com to Keep It Safe from Hackers (Over $1.7 Million Deal))

• [00:05:42] Hack for Good: Easily Donate Bounties to WHO’s COVID-19 Response Fund)

• [00:10:55] RetDec v4.0 is out)

• [00:17:33] IDA Home is coming)

• https://www.sophia.re/Binary-Rockstar/index.html)

• https://nostarch.com/GhidraBook)

• [00:33:44] Sandboxie Open Source Code is available)

• https://github.com/xanasoft/Sandboxie)

• [00:38:01] Exploiting the TP-Link Archer A7)

• [00:46:50] Exploiting the Starcraft 1 EUD Bug)

• [00:51:23] OhMyZsh dotenv Remote Code Execution)

• [00:56:19] Symantec Web Gateway 5.0.2.8 Remote Code Execution)

• [00:59:15] VMware vCenter Server Sensitive Information Disclosure [CVE-2020-3952])

• [01:01:39] Bypassing modern XSS mitigations with code-reuse attacks)

• [01:07:49] Practical Data Poisoning Attack against Next-Item Recommendation)

• [01:11:40] Hardware Trojan Detection Using Controlled Circuit Aging)

• [01:16:18] A "Final" Security Bug)

• [01:27:05] RCEed version of computer malware / rootkit MyRTUs / Stuxnet.)

• https://github.com/christian-roggia/open-myrtus/blob/master/rootkit/FastIo.c)

• https://xkcd.com/350/)

Watch the DAY[0] podcast live on Twitch (@dayzerosec)) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0]))