042 - iOS 0days are worthless, PrintDemon, and a takeover of hackerone

Are iOS 0days now worthless? Can you hack a satellite...or hackerone? Are WAFs worthwhile? And more on a fairly discussion heavy episode of DAY[0]. The DAY[0] podcast is streamed live on Twitch every Monday afternoon at 3:pm EST --   / dayzerosec   The audio-only version of the podcast is available on: -- Spotify: https://open.spotify.com/show/4NKCxk8... -- Apple Podcasts: https://podcasts.apple.com/us/podcast... -- Google Podcasts: https://www.google.com/podcasts?feed=... -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord:   / discord   Or follow us on Twitter (@dayzerosec) to know when new releases are coming. [00:00:00] Introduction [00:01:04] [UPDATE] Huawei HKSP Introduces Trivially Exploitable Vulnerability https://grsecurity.net/huawei_hksp_in... https://github.com/cloudsec/aksp/blob... [00:12:11] iOS one-click chains prices likely to drop https://twitter.com/Zerodium/status/1... https://www.hackasat.com/ [00:33:42] Defcon Quals 2020 https://oooverflow.io/ https://hxp.io/blog/72/DEFCON-CTF-Qua... [00:46:45] vBulletin 5.6.1 SQL Injection https://packetstormsecurity.com/files... [00:53:04] Subdomain takeover of resources.hackerone.com https://hackerone.com/reports/863551 [01:01:23] MyLittleAdmin PreAuth RCE https://ssd-disclosure.com/ssd-adviso... [01:06:25] DOM-Based XSS at accounts.google.com by Google Voice Extension. http://www.missoumsai.com/google-acco... [01:16:59] Playing with GZIP: RCE in GLPI [CVE-2020-11060] https://offsec.almond.consulting/play... [01:36:36] Reverse RDP - The Path Not Taken https://research.checkpoint.com/2020/... [01:44:31] PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth [CVE-2020-1048] https://windows-internals.com/printde...   / 1260598344650539009   [01:53:46] Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently https://rekken.github.io/2020/05/14/S... [02:00:41] Cloud WAF Comparison Using Real-World Attacks   / cloud-waf-comparison-using-real-world-attacks     / cloud-waf-comparison-part-2   https://en.wikipedia.org/wiki/Server_... [02:18:32] Fuzzing TLS certificates from their ASN.1 grammar https://blog.doyensec.com//2020/05/14... [02:22:37] DHS CISA and FBI share list of top 10 most exploited vulnerabilities https://www.us-cert.gov/ncas/alerts/a...