writeups.xyz
/
Sandro Gauci (@Sandrogauci)
Title
Vulnerabilities
Programs
Authors
A Novel DoS Vulnerability affecting WebRTC Media Servers
DoS
VoIP Hacking
WebRTC
Undisclosed
Sandro Gauci (@Sandrogauci)
Alfred Farrugia (@Alfred_farrugia)
OpenSIPS Security Audit Report is fully disclosed and out there
SIP
Memory Corruption
Memory Leak
Buffer Overflow
Buffer Over-Read
OpenSIPS
Kamailio
Sandro Gauci (@Sandrogauci)
Kamailio’s exec module considered harmful
OS Command Injection
SIP
Kamailio
Ali Norouzi
Sandro Gauci (@Sandrogauci)
How we abused Slack's TURN servers to gain access to internal services
SSRF
TURN
WebRTC
Slack
Sandro Gauci (@Sandrogauci)
Page 1 of 1
writeups.xyz
/
Sandro Gauci (@Sandrogauci)