A shortcut (.lnk) to RCE, Pi-Hole, Shadow Stacks, and fine-grained kASLR
Day[0] - A podcast by dayzerosec
Categorie:
Is there a shortcut to RCE? Well, on Windows .LNK files could be just that. We also talk about a few others vulnerabilities impacting Windows, Pi-Hole and Netflix. And end by looking at Window's new hardware enforced Shadow Stack and a proof-of-concept for fine-grained kASLR on Linux.
- [00:01:18] The Netflix account compromise Bugcrowd doesn't want you to know about
- [00:16:21] Where is my Train : Tracking to Hacking
- [00:22:59] Intel SGX removed from Rocket Skylake-S CPUs
- [00:28:17] Type 1 Font Parsing Remote Code Execution Vulnerability
- [00:33:41] Configuration Overwrite in IBM Cognos TM1 [CVE-2019-4716]
- [00:42:19] Remote Code Execution Through .LNK Files [CVE-2020-0729]
- [00:53:15] Pi-hole Remote Code Execution [CVE-2020-8816]
- [01:03:14] NordVPN - Unauthorized User Can Delete Any User Account
- [01:09:33] Smart Contracts Inside SGX Enclaves: Common Security Bug Patterns
- [01:20:01] Smart Contracts Inside SGX Enclaves: Common Security Bug Patterns
- [01:20:28] Understanding Hardware-enforced Stack Protection
- [01:32:21] [RFC PATCH 00/11] Finer grained kernel address space randomization - Kristen Carlson Accardi
- [01:42:14] Slayer Labs
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])