Day[0]

Mar 03 2025 275 ep. 66 mins 264
Day[0] Podcast artwork

A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.

  Technology
RSS feed Share
Copy RSS


Subscribe on Podcast Addict


Path Confusion and Mixing Public/Private Keys

Mar 03 2025 59 mins  
This week's episode features a variety of vulnerabilities, including a warning on mixing up public and private keys in OpenID Connect deployments, as well as path confusion with an nginx+apache setup.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/275.html[00:00:00] Introduction[00:19:00] The OOB Read zi Introduced[00:16:55] M

ZDI's Triaging Troubles and LibreOffice Exploits

Feb 25 2025 57 mins  
We discuss an 0day that was dropped on Parallels after 7 months of no fix from the vendor, as well as ZDI's troubles with responses to researchers and reproducing bugs. Also included are a bunch of filesystem issues, and an insanely technical linux kernel exploit chain.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/274.html[0

Recycling Exploits in MacOS and Pirating Audiobooks

Feb 18 2025 77 mins  
We cover a comical saga of vulnerabilities and variants from incomplete fixes in macOS, as well as a bypass of Chrome's miraclePtr mitigation against Use-After-Frees (UAFs). We also discuss an attack that abuses COM hijacking to elevate to SYSTEM through AVG Antivirus, and a permissions issue that allows unauthorized access to DRM'd audiobooks.Links and vulnerability summaries for

Top 10 Web Hacking Techniques and Windows Shadow Stacks

Feb 12 2025 72 mins  
In this episode, we discuss the US government discloses how many 0ds were reported to vendors in a first-ever report. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive on how kernel mode shadow stacks are implemented on Windows by Connor McGarr.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/pod

Unicode Troubles, Bypassing CFG, and Racey Pointer Updates

Feb 04 2025 41 mins  
On the web side, we cover a portswigger post on ways of abusing unicode mishandling to bypass firewalls and a doyensec guide to OAuth vulnerabilities. We also get into a Windows exploit for a use-after-free in the telephony service that bypasses Control Flow Guard, and a data race due to non-atomic writes in the macOS kernel. Links and vulnerability summaries for this episode are

Deanonymization with CloudFlare and Subaru's Security Woes

Jan 27 2025 67 mins  
Zero Day Initiative posts their trends and observations from their threat hunting highlights of 2024, macOS has a sysctl bug, and a technique leverages CloudFlare to deanonymize users on messaging apps. PortSwigger also publishes a post on the Cookie Sandwich technique, and Subaru's weak admin panel security allows tracking and controlling other people's vehicles. Links an

Excavating Exploits and PHP Footguns

Jan 20 2025 72 mins  
This week features a mix of topics, from polyglot PDF/JSON to android kernel vulnerabilities. Project Zero also publishes a post about excavating an exploit strategy from crash logs of an In-The-Wild campaign. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/269.html [00:00:00] Introduction [00:07:48] Attacking Hypervisors - From

WhatsApp vs. NSO and CCC Talks

Jan 14 2025 82 mins  
Specter and zi discuss their winter break, cover some interesting CCC talks, and discuss the summary judgement in the WhatsApp vs. NSO Group case. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/268.html [00:00:00] Introduction [00:09:53] 38C3: Illegal Instructions [00:35:38] WhatsApp v. NSO Group [01:04:06] Vulnerability Resear

Buggy Operating Systems Are Coming to Town

Dec 16 2024 47 mins  
In our last episode of 2024, we delve into some operating system bugs in both Windows and Linux, as well as some bugs that are not bugs but rather AI slop. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/267.html [00:00:00] Introduction [00:06:48] Buffer Overflow Risk in Curl_inet_ntop and inet_ntop4 [00:19:20] Bypassing WAFs wi

Machine Learning Attacks and Tricky Null Bytes

Dec 09 2024 45 mins  
This week's episode contains some LLM hacking and attacks on classifiers, as well as the renewal of DMA attacks with SD Express and the everlasting problems of null bytes. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/266.html [00:00:00] Introduction [00:00:31] Hacking 2024 by No Starch [00:09:18] Announcing the Adaptive Promp