Рет қаралды 75,998
In this video, we take a deep dive into a high severity Zoom SQL injection vulnerability, which allowed attackers to enable a victims webcam and microphone without their permission. This vulnerability was exploited by taking advantage of dependencies between back-end systems and the SQLite database engine. Whether you're a pen tester, security researcher, or cyber security expert, having a solid foundation in character encoding schemes, especially when it comes to SQL, is critical.
0:00 - Overview
1:06- Reverse Engineering
4:40- SQLite
5:32 - Attack Vector
8:27 - Encoding (ASCII, Unicode, UTF-8)
11:45 - Exploit
WE HAVE A DISCORD NOW! / discord
Original report by Keegan Ryan
/ patched-zoom-exploit-a...
MUSIC CREDITS:
LEMMiNO - Cipher
• LEMMiNO - Cipher (BGM)
CC BY-SA 4.0
LEMMiNO - Firecracker
• LEMMiNO - Nocturnal (BGM)
CC BY-SA 4.0
LEMMiNO - Nocturnal
• LEMMiNO - Nocturnal (BGM)
CC BY-SA 4.0
LEMMiNO - Siberian
• LEMMiNO - Nocturnal (BGM)
CC BY-SA 4.0
#programming #software #softwareengineering #computerscience #code #programminglanguage #softwaredevelopment #hacking #hack #cybersecurity #exploit #tracking #softwareengineer #vulnerability #pentesting #privacy #spyware #malware #cyber #cyberattack #bugbounties #ethicalhacking #lowlevelsecurity #zeroday #zeroday #cybersecurityexplained #bugbounty #SQL #injection #SQLinjection #unicode #ASCII #UTF8 #encoding #breach #SQLbreach #SQLite #databaseinjection #Zoom #Linux #localSQL