Podcasts Technology Day[0] Hacking Cameras, Stealing Logins, and Breaking Git

Hacking Cameras, Stealing Logins, and Breaking Git

Published: March 16, 2021, 10 p.m.

RCE while cloning a Git repo, injecting video into network cameras, and stealing logins with HTML injection when XSS isn't possible.

\n

\n[00:00:32] Critics fume after Github removes exploit code for Exchange vulnerabilities
\n

    \n\t
  • https://arstechnica.com/gadgets/2021/03/critics-fume-after-github-removes-exploit-code-for-exchange-vulnerabilities/

  • https://borncity.com/win/2021/03/14/gab-es-beim-exchange-massenhack-ein-leck-bei-microsoft/

    • \n
\n

\n

\n[00:09:21] CCTV: Now You See Me, Now You Don't
\n

    \n\t
  • https://research.aurainfosec.io/v380-ip-camera/

    • \n
\n

\n

\n[00:13:47] CSRF to RCE Chain in Zabbix [CVE-2021-27927]
\n

    \n\t
  • https://www.horizon3.ai/disclosures/zabbix-csrf-to-rce

    • \n
\n

\n

\n[00:19:44] Stealing Froxlor login credentials using dangling markup [CVE-2020-29653]
\n

    \n\t
  • https://labs.detectify.com/2021/03/10/cve-2020-29653-stealing-froxlor-login-credentials-dangling-markup/

    • \n
\n

\n

\n[00:25:29] git: malicious repositories can execute remote code while cloning
\n

    \n\t
  • https://www.openwall.com/lists/oss-security/2021/03/09/3

  • https://github.com/gitster/git/commit/684dd4c2b414bcf648505e74498a608f28de4592

    • \n
\n

\n

\n[00:30:49] git: malicious repositories can execute remote code while cloning
\n

    \n\t
  • https://www.openwall.com/lists/oss-security/2021/03/09/3

  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2021

    • \n
\n

\n

\n[00:33:37] Dell OpenManage Server Administrator File Read [CVE-2020-5377]
\n

    \n\t
  • https://rhinosecuritylabs.com/research/cve-2020-5377-dell-openmanage-server-administrator-file-read/

    • \n
\n

\n

\n[00:38:55] Windows Containers: ContainerUser has Elevated Privileges
\n

    \n\t
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2127

    • \n
\n

\n

\n[00:40:18] Windows Containers: Host Registry Virtual Registry Provider Bypass EoP
\n

    \n\t
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2129

    • \n
\n

\n

\n[00:42:34] F5 Big IP - ASM stack-based buffer overflow in is_hdr_criteria_matches
\n

    \n\t
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2132

    • \n
\n

\n

\n[00:48:59] F5 Big IP - TMM uri_normalize_host infoleak and out-of-bounds write
\n

    \n\t
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2126

    • \n
\n

\n

\n[00:59:37] One day short of a full chain: Part 1 - Android Kernel arbitrary code execution
\n

    \n\t
  • https://securitylab.github.com/research/one_day_short_of_a_fullchain_android

    • \n
\n

\n

\n[01:08:07] Exploiting a \u201cSimple\u201d Vulnerability, Part 2 \u2013 What If We Made Exploitation Harder?
\n

    \n\t
  • https://windows-internals.com/exploiting-a-simple-vulnerability-part-2-what-if-we-made-exploitation-harder/?utm_source=rss&utm_medium=rss&utm_campaign=exploiting-a-simple-vulnerability-part-2-what-if-we-made-exploitation-harder

    • \n
\n

\n

\n[01:09:11] Playing in the (Windows) Sandbox
\n

    \n\t
  • https://research.checkpoint.com/2021/playing-in-the-windows-sandbox/

    • \n
\n

\n

\n[01:09:39] Regexploit: DoS-able Regular Expressions
\n

    \n\t
  • https://blog.doyensec.com/2021/03/11/regexploit.html

    • \n
\n

\n

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

\n

Or the video archive on Youtube (@dayzerosec)