all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

178 - Attacking Bhyves and a Kernel UAF [Binary Exploitation Podcast]

Add to bookmarks
Jan. 12, 2023, 1 a.m. | DAY[0]

DAY[0] www.youtube.com

Just a few issues this week, but some solid exploitation. A Kernel UAF, IoT, and a bhyve escape.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/178.html

[00:00:00] Introduction
[00:00:35] Spot the Vuln - Internal Externals
[00:06:35] Escaping from bhyve
[00:13:14] Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg
[00:29:28] MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
[00:42:19] Survey of security mitigations and architectures, December 2022
[00:45:25] Abusing RCU callbacks with a Use-After-Free read to defeat KASLR

The …

abusing binary binary exploitation december escape exploitation exploiting free internal introduction iot json kaslr kernel link linux linux kernel mitigations netfilter overflow podcast security solid stack overflow survey tp-link uaf use-after-free vuln

Visit resource

More from www.youtube.com / DAY[0]

252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 4 weeks ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 4 weeks, 1 day ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 1 week ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 1 month, 2 weeks ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
api bounty bug bug bounty +20
244 - Linux Burns Down CVEs [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
binary binary exploitation buffer buffer overflow +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Ford Pro Tech and FCSD Tech – Product Manager, Cyber Security

@ Ford Motor Company | Chennai, Tamil Nadu, India
View on infosec-jobs.com

Cloud Data Encryption and Cryptography Automation Expert

@ Ford Motor Company | Chennai, Tamil Nadu, India
View on infosec-jobs.com

SecOps Analyst

@ Atheneum | Berlin, Berlin, Germany
View on infosec-jobs.com

Consulting Director, Cloud Security, Proactive Services (Unit 42)

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com
View more jobs