
ESP32 Backdoor Drama and SAML Auth Bypasses
From Day[0] by dayzerosec
March 17, 2025 · 1h 14m · Season 1 · Episode 277
About this episode
The episode discusses the ESP32 backdoor controversy, SAML authentication bypass techniques, and various vulnerabilities related to Linux and PHP.
Discussion this week starts with the ESP32 "backdoor" drama that circled the media, with some XML-based vulnerabilities in the mix. Finally, we cap off with a post on reviving modprobe_path for Linux exploitation, and some discussion around an attack chain against China that was attributed to the NSA. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/277.html [00:00:00] Introduction [00:00:25] The ESP32 "backdoor" that wasn't [00:14:26] Speedrunners are vulnerability researchers [00:27:58] Sign in as anyone: Bypassing SAML SSO authentication with parser differentials [00:38:47] Impossible XXE in PHP [00:52:41] Reviving the modprobe_path Technique: Overcoming search_binary_handler() Patch [01:04:15] Trigon: developing a deterministic kernel exploit for iOS [01:06:43] An inside look at NSA (Equation Group) TTPs from China’s lense Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts…
Topics covered
- ESP32 backdoor
- SAML authentication bypass
- Linux exploitation
- NSA attack chain
- XML vulnerabilities
- modprobe_path technique
Keywords
- ESP32
- backdoor
- SAML
- authentication
- Linux
- exploitation
- NSA
- vulnerabilities
- XML
- PHP
Mentioned in this episode
Organizations: NSA, Equation Group
Products: ESP32
Places: China, Linux, PHP
More episodes of Day[0]
- The Future · April 10, 2026 · 1h 20m
- Exploiting VS Code with Control Characters · May 12, 2025 · 30 min
- Mitigating Browser Hacking - Interview with John Carse (SquareX Field CISO) · April 22, 2025 · 1h 47m
- Pulling Gemini Secrets and Windows HVPT · April 16, 2025 · 1h 33m
- Session-ception and User Namespaces Strike Again · April 1, 2025 · 50 min
- Extracting YouTube Creator Emails and Spilling Azure Secrets · March 24, 2025 · 44 min
Explore listener stats, chart rankings, contacts and more on the Day[0] podcast page.