DAY[0] Episode #12 – Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more

[00:00:40] What happened while we were gone. ft. Defcon and Blackhat discussion [00:20:10] Checkm8 – iPhone bootROM exploit https://github.com/axi0mX/ipwndfu/blob/master/checkm8.py [00:28:52] iPhone A11 debug registers allow full-featured kernel debugging https://bugs.chromium.org/p/project-zero/issues/detail?id=1900 [00:32:52] Android: Use-After-Free in Binder driver https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 https://groups.google.com/forum/#!msg/syzkaller-bugs/QyXdgUhAF50/g-FXVo1OAwAJ [00:39:36] PHP 7.0-7.3 disable_functions bypass https://github.com/mm0r1/exploits/tree/master/php7-gc-bypass https://bugs.php.net/bug.php?id=72530 [00:51:49] An Empirical Study of C++ Vulnerabilities in Crowd-Sourced Code Examples