Shownotes Transcript
Lets go back in time to look at the leaked WinXP source, and a Half-Life 1 exploit. And, while we are at it a couple Instagram vulns and a cheap hardware attack against Android.
[00:00:50] Windows XP Source Leak)
https://twitter.com/vxunderground/status/1309231131313737735)
https://twitter.com/dangeredwolf/status/1310067935902343170)
[00:12:49] "I'm not a fan of critical bugs")
[00:28:01] API Keys leaked via Solana BBP github repo)
[00:36:34] Exploiting Tiny Tiny RSS)
[00:45:28] HackerOne Reflected XSS)
[00:50:37] Steam Arbitrary File Overwrite)
[00:55:23] Half-Life 1 Code Execution with malformed map name)
[00:59:09] uTorrent Vulnerability [CVE-2020-8437])
https://raw.githubusercontent.com/guywhataguy/uTorrent-CVE-2020-8437/master/malicious.torrent)
[01:09:26] $25K Instagram Almost XSS Filter Link)
[01:14:57] #Instagram_RCE)
[01:26:44] Kernel exploitation: weaponizing [CVE-2020-17382])
[01:34:07] Bypass Android MDM)
[01:41:17] XSS without arbitrary JavaScript)
[01:48:40] security things in Linux v5.7)
[01:56:48] Code Review 101)
Watch the DAY[0] podcast live on Twitch (@dayzerosec)) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0]))