all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast]

Add to bookmarks
March 12, 2024, 11 a.m. | DAY[0]

DAY[0] www.youtube.com

In this episode we have an libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html

[00:00:00] Introduction
[00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-2024-1403]
[00:05:19] xpcroleaccountd Root Privilege Escalation [CVE-2023-42942]
[00:10:50] Bypassing the “run-as” debuggability check on Android via newline injection
[00:18:09] Say Friend and Enter: Digitally lockpicking an advanced smart lock (Part 2: discovered vulnerabilities)
[00:43:06] Using form hijacking to …

android authentication authentication bypass bounty bug bug bounty bypass bypassing check cve digital dive escalation injection introduction libxpc lockpicking locks podcast privilege privilege escalation progress progress openedge root run smart

Visit resource

More from www.youtube.com / DAY[0]

Memory Corruption: Best Tackled with Mitigations or Safe-Languages? [254] 1 day, 13 hours ago | www.youtube.com
amp cisa corruption evolution +11
253 - A Retrospective and Future Look Into DAY[0] 4 weeks, 1 day ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month, 4 weeks ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 4 weeks ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 2 months ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 2 months ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 2 months, 1 week ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 2 months, 1 week ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 2 months, 2 weeks ago | www.youtube.com
access array binary binary exploitation +21

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com