BROADCASTS.com

More bug bounty style bugs, but you'd be forgiven reading that title thinking we had a low-level focus this episode. We got some awesome bugs this week though from tricking Dependabot and abusing placeholder values, an IIS auth bypass. Ending off with a kernel bug (OverlayFS) and a VM escape (Parallels Desktop)

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/211.html

[00:00:00] Introduction

[00:00:28] Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot

[00:12:39] Placeholder for Dayzzz: Abusing placeholders to extract customer informations

[00:19:40] Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3

[00:33:44] PwnAssistant - Controlling /home's via a Home Assistant RCE

[00:39:26] The OverlayFS vulnerability [CVE-2023-0386]

[00:44:01] Escaping Parallels Desktop with Plist Injection

The DAY[0] Podcast episodes are streamed live on Twitch twice a week:

-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities

-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

We are also available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9

#BugBounty #BugHunting #InfoSec #CyberSec #Podcast