Universal Deserialization, Stealing YouTube Videos, and CTFs

Published: Jan. 12, 2021, 11 p.m.

A new universal deserialization gadget for Ruby, a Rocket.Chat SAML auth bypass, and some heap exploitation research.

[00:00:36] Cybersecurity Knowledge and Skills Taught in Capture the Flag Challenges
  • https://arxiv.org/pdf/2101.01421v1.pdf

[00:10:36] Universal Deserialisation Gadget for Ruby 2.x-3.x
  • https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html

[00:13:54] Stealing Your Private YouTube Videos, One Frame at a Time
  • https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/

[00:21:43] Rocket.chat - SAML authentication bypass
  • https://hackerone.com/reports/1049375

[00:25:49] curl is vulnerable to SSRF due to improperly parsing the host component of the URL
  • https://hackerone.com/reports/704621

[00:31:02] Issue 2095: Node.js: use-after-free in TLSWrap
  • https://bugs.chromium.org/p/project-zero/issues/detail?id=2095

[00:35:28] Preventing Use-After-Free Attacks with Fast Forward Allocation
  • https://gts3.org/assets/papers/2021/wickman:ffmalloc.pdf

[00:49:38] Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
  • https://www.usenix.org/system/files/sec20fall_yun_prepub.pdf

[00:59:50] A Samsung RKP Compendium
  • https://blog.longterm.io/samsung_rkp.html

[01:11:32] Analyzing CVE-2020-16040
  • https://faraz.faith/2021-01-07-cve-2020-16040-analysis/

[01:13:51] HexLasso Online
  • https://suszter.com/hexlasso-online/

[01:15:30] A Side Journey to Titan
  • https://ninjalab.io/a-side-journey-to-titan/


Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)


Or watch the video archive on YouTube (@dayzerosec)