In this video, we take a deep dive into a high severity Zoom SQL injection vulnerability, which allowed attackers to enable a victims webcam and microphone without their permission. This vulnerability was exploited by taking advantage of dependencies between back-end systems and the SQLite database engine. Whether you're a pen tester, security researcher, or cyber security expert, having a solid foundation in character encoding schemes, especially when it comes to SQL, is critical.
0:00 - Overview
1:06- Reverse Engineering
4:40- SQLite
5:32 - Attack Vector
8:27 - Encoding (ASCII, Unicode, UTF-8)
11:45 - Exploit
WE HAVE A DISCORD NOW! [ Ссылка ]
Original report by Keegan Ryan
[ Ссылка ]
MUSIC CREDITS:
LEMMiNO - Cipher
[ Ссылка ]
CC BY-SA 4.0
LEMMiNO - Firecracker
[ Ссылка ]
CC BY-SA 4.0
LEMMiNO - Nocturnal
[ Ссылка ]
CC BY-SA 4.0
LEMMiNO - Siberian
[ Ссылка ]
CC BY-SA 4.0
#programming #software #softwareengineering #computerscience #code #programminglanguage #softwaredevelopment #hacking #hack #cybersecurity #exploit #tracking #softwareengineer #vulnerability #pentesting #privacy #spyware #malware #cyber #cyberattack #bugbounties #ethicalhacking #lowlevelsecurity #zeroday #zeroday #cybersecurityexplained #bugbounty #SQL #injection #SQLinjection #unicode #ASCII #UTF8 #encoding #breach #SQLbreach #SQLite #databaseinjection #Zoom #Linux #localSQL
The Hacker who could turn on ANYONE'S Zoom Camera [Zero-Day]
Теги
programmingsoftwaresoftware engineeringcomputer sciencecodeprogramming languagesoftware developmenthackinghackcyber securityexploittrackingsoftware engineervulnerabilitypen testingprivacyspywaremalwarecybercyber attackbug bountiesethical hackinglow level securityzero dayzero-daycyber security explainedbug bountySQLinjectionSQL injectionunicodeASCIIUTF-8encodingbreachSQL breachSQLitedatabase injectionZoomLinuxlocal SQL
