- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs
An update on Apple v. Corellium, some 3DS vulnerabilities, and some drama on this weeks episode.
\n\n[00:00:34] Remote Chaos Experience
\n
- \n\t
- https://media.ccc.de/c/rc3
\n
\n[00:20:06] Apple Inc. v. Corellium, LLC
\n
- \n\t
- https://www.courtlistener.com/docket/16064642/784/apple-inc-v-corellium-llc/
\n
\n[00:28:17] The Great Suspender - New maintainer is probably malicious
\n
- \n\t
- https://github.com/greatsuspender/thegreatsuspender/issues/1263
\n
\n[00:36:59] An HTML Injection Worth 600$ Dollars
\n
- \n\t
- https://medium.com/bugbountywriteup/a-html-injection-worth-600-dollars-5f065be0ab49
\n
\n[00:44:06] Zoom Meeting Connector Post-Auth Remote Root
\n
- \n\t
- https://packetstormsecurity.com/files/160736/zoomer.py.txt
\n
\n[00:46:21] Hijacking Google Docs Screenshots
\n
- \n\t
- https://blog.geekycat.in/google-vrp-hijacking-your-screenshots/
\n
\n[00:49:49] Nintendo 3DS - Improper certificate validation allows an attacker to perform MitM attacks
\n
- \n\t
- https://hackerone.com/reports/894922
\n
\n[00:52:02] Nintendo 3DS - Unchecked number of audio channels in Mobiclip SDK leads to RCE in eShop movie player
\n
- \n\t
- https://hackerone.com/reports/897606
- https://twitter.com/forestillusion/status/1341230631913541633
- https://news.ycombinator.com/item?id=25508782
\n
\n[00:55:45] Apple macOS 6LowPAN Vulnerability [CVE-2020-9967]
\n
- \n\t
- https://alexplaskett.github.io/CVE-2020-9967/
\n
\n[01:01:24] An iOS hacker tries Android
\n
- \n\t
- https://googleprojectzero.blogspot.com/2020/12/an-ios-hacker-tries-android.html
\n
\n[01:14:29] Turning Imprisonment to Advantage in the FreeBSD ftpd chroot Jail [CVE-2020-7468]
\n
- \n\t
- https://www.thezdi.com/blog/2020/12/21/cve-2020-7468-turning-imprisonment-to-advantage-in-the-freebsd-ftpd-chroot-jail
\n
\n[01:18:36] Cross Layer Attacks and How to Use Them (for DNS Cache Poisoning, Device Tracking and More)
\n
- \n\t
- https://arxiv.org/abs/2012.07432
\n
\n[01:27:17] Helping secure DOMPurify (part 1)
\n
- \n\t
- https://research.securitum.com/helping-secure-dompurify-part-1/
\n
\n[01:28:23] A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
\n
- \n\t
- https://github.com/ant4g0nist/Vulnerable-Kext
\n
\n[01:30:01] PS4 7.02 WebKit + Kernel Chain Implementation
\n
- \n\t
- https://github.com/ChendoChap/ps4-ipv6-uaf/tree/7.00-7.02
\n
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
\nOr the video archive on Youtube (@dayzerosec)