![Day[0]](https://static.mytuner.mobi/media/podcasts/063/day0-zero-days-for-day-zero.jpg)
Day[0]
dayzerosec
Categories: Technology
Listen to the last episode:
We are back and testing out a new episode format focusing more on discussion than summaries. We start talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak, talk a bit about what it means, how it happened.
We are seeking feedback on this format. Particularly interested in those of you with more of a bug bounty or higher-level focus if an episode like this would still be appealing? If you want to share any feedback feel free to DM us (@__zi or @specterdev) or email us at media [at] dayzerosec.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/255.html
[00:00:00] Introduction
[00:04:55] Exploiting CVE-2024-20017 4 different ways
[00:22:26] Intel SGX Fuse Keys Extracted
[00:51:01] Introducing the URL validation bypass cheat sheet
Podcast episodes are available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
Previous episodes
-
255 - Iterating Exploits & Extracting SGX KeysMon, 16 Sep 2024
-
254 - Memory Corruption: Best Tackled with Mitigations or Safe-LanguagesFri, 17 May 2024
-
253 - [discussion] A Retrospective and Future Look Into DAY[0]Fri, 19 Apr 2024
-
252 - [binary] Bypassing KASLR and a FortiGate RCEWed, 20 Mar 2024
-
251 - [bounty] RCE'ing Mailspring and a .NET CRLF InjectionTue, 19 Mar 2024
-
250 - [binary] Future of Exploit Development FollowupWed, 13 Mar 2024
-
249 - [bounty] libXPC to Root and Digital LockpickingTue, 12 Mar 2024
-
248 - [binary] Binary Ninja Free and K-LEAKWed, 06 Mar 2024
-
247 - [bounty] Hacking Google AI and SAMLTue, 05 Mar 2024
-
246 - [binary] Rust Memory Corruption???Wed, 28 Feb 2024
-
245 - [bounty] A PHP and Joomla Bug and some DOM ClobberingTue, 27 Feb 2024
-
244 - [binary] Linux Burns Down CVEsWed, 21 Feb 2024
-
243 - [bounty] GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023Tue, 20 Feb 2024
-
242 - [binary] kCTF Changes, LogMeIn, and wlan VFS BugsWed, 14 Feb 2024
-
241 - [bounty] The End of a DEFCON Era and Flipper Zero WoesTue, 13 Feb 2024
-
240 - [binary] The Syslog SpecialWed, 07 Feb 2024
-
239 - [bounty] Public Private Android Keys and Docker EscapesTue, 06 Feb 2024
-
238 - [binary] Busted ASLR, PixieFail, and Bypassing HVCIWed, 31 Jan 2024
-
237 - [bounty] Reborn Homograph Attacks and Ransacking PasswordsTue, 30 Jan 2024
-
236 - [binary] Bypassing Chromecast Secure-Boot and Exploiting FactorioWed, 17 Jan 2024
-
235 - [bounty] A GitLab Account Takeover and a Coldfusion RCETue, 16 Jan 2024
-
234 - [binary] Allocator MTE, libwebp, and Operation TriangulationWed, 10 Jan 2024
-
233 - [bounty] Spoofing Emails, PandoraFMS, and KeycloakTue, 09 Jan 2024
-
232 - [binary] RetSpill, A Safari Vuln, and Steam RCEFri, 22 Dec 2023
-
231 - [bounty] IOT Issues and DNS RebindingTue, 19 Dec 2023
-
230 - [binary] Samsung Baseband and GPU VulnsWed, 06 Dec 2023
-
229 - [bounty] Buggy Cookies and a macOS TCC BypassTue, 05 Dec 2023
-
228 - [binary] Hypervisor Bugs and a FAR-out iOS bugWed, 29 Nov 2023
-
227 - [bounty] Kubernetes Code Exec and There Is No SpoonTue, 28 Nov 2023
-
226 - [binary] A Heap of Linux BugsWed, 22 Nov 2023
-
225 - [bounty] Prompting for Secrets and Malicious ExtensionsTue, 21 Nov 2023
-
224 - [binary] A Bundle of Windows BugsWed, 15 Nov 2023
-
223 - [bounty] Usurping Mastodon and Broken Signature SchemesMon, 13 Nov 2023
-
222 - [binary] MTE Debuts, DNS Client Exploits, and iTLB MultihitWed, 08 Nov 2023
-
221 - [bounty] Attacking OAuth, Citrix, and some P2O DramaTue, 07 Nov 2023
-
220 - [binary] Windows Kernel Bugs, Safari Integer Underflow, and CONSTIFYTue, 24 Oct 2023
-
219 - [bounty] Rapid Reset, Attacking AWS Cognito, and Confluence BugsSun, 22 Oct 2023
-
218 - [binary] A Chrome RCE, WebP 0day, and glibc LPEWed, 11 Oct 2023
-
217 - [bounty] Insecure Firewalls, MyBB, and Winning with WinRARTue, 10 Oct 2023
-
216 - [binary] Busted Stack Protectors, MTE, and AI Powered FuzzingWed, 27 Sep 2023
-
215 - [bounty] DEF CON, HardwearIO, Broken Caching, and Dropping HeadersTue, 26 Sep 2023
-
214 - [binary] Exploiting VMware Workstation and the Return of CSG0-DaysThu, 25 May 2023
-
213 - [bounty] Jellyfin Exploits and TOCTOU SpellcastingTue, 23 May 2023
-
212 - [binary] Attacking VirtualBox and Malicious ChessThu, 18 May 2023
-
211 - [bounty] OverlayFS to Root and Parallels Desktop EscapesTue, 16 May 2023
-
210 - [binary] TPMs and Baseband BugsThu, 11 May 2023
-
209 - [bounty] Bad Ordering, Free OpenAI Credits, and Goodbye Passwords?Tue, 09 May 2023
-
208 - [binary] A Timing Side-Channel for Kernel Exploitation and VR in the wake of RustThu, 04 May 2023
-
207 - [bounty] Git Config Injection and a Sophos Pre-Auth RCETue, 02 May 2023
-
206 - [binary] A Ghostscript RCE and a Windows Registry BugThu, 27 Apr 2023
