???? Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
???? Follow me on Twitter: https://bbre.dev/tw

This video is an explanation of the writeup of 4 bugs in Azure Health bot. The bugs were 2x RCEs, a path traversal and a memory leak.

???? Get $100 in credits for Digital Ocean: https://bbre.dev/do

Report: https://www.breachproof.net/blog/lethal-injection-how-we-hacked-microsoft-ai-chat-bot
Reporter’s Twitter: https://x.com/Yanir_/status/1787927285443494137

Timestamps:

00:00 Intro
00:48 Sandbox escape by bypassing module allowlist
04:05 Sandbox escape by exploiting exising modules
06:12 Memory leak
07:30 Secondary path traversal

Add comment

Your email address will not be published. Required fields are marked *