141 matches found
Zoom Beefs Up End-to-End Encryption to Thwart 'Zoombombers'
Video calling platform Zoom is boosting its security profile via the acquisition of a small startup called Keybase. The 25-person, New York-based company will provide more robust encryption for Zoom calls on paid subscriptions by implementing an end-to-end architecture. “Logged-in users will...
Why Keybase Doesn't Offer Two Factor Authentication
Keybase exists to keep things safe online. And it doesn't use 2FA to do it...
Keybase: Keybase client (Windows 10): Write files anywhere in userland using relative path in "download attachment" feature
Summary: I've tested this vulnerability on Windows 10, with the last Keybase client. If a user clicks on "Download file" during a chat, an attacker can write files anywhere in userland. When downloading a file from a chat, the file should always be written in the "Downloads" folder. Proof of concept: You ne...
CVE-2019-16992
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...
Design/Logic Flaw
The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...
CVE-2019-16992
CVE-2019-16992 affects the Keybase iOS app (v2.13.2), where the implementation could sign a cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments) using the user’s private key without clear user notice. The issue is described as a misuse/insufficient notice ab...
Keybase has an unspecified vulnerability
Keybase is a social networking platform that supports end-to-end encryption based on PGP technology. An unspecified vulnerability exists in the iOS-based Keybase version 2.13.2, which stems from a backdoor in the program that can be exploited by an attacker to sign an authentication using a user'...
CVE-2019-7249
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system who didn't have root access to tamper with another's installs...
Design/Logic Flaw
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system who didn't have root access to tamper with another's installs...
CVE-2019-7249
CVE-2019-7249 affects Keybase on macOS prior to version 2.12.6. The vulnerability arises in the move RPC to the Helper, described as a time-to-check-time-to-use issue that could allow a user without root to tamper with another user's installations. NVD metrics indicate a high/critical impact (CVS...
Keybase: From nobody to somebody
Short description: Using a bug, any user can change the keybase and git-remote-keybase symlinks in the /usr/locale/bin folder. We can exploit this to run arbitrary code as the user. Steps to reproduce: 1. In the example I will use the low-privileged nobody account (could be any other account) and I wi...
Keybase: XSS on Desktop Client
Steps to reproduce 1. Create a file named as 'alert1v.SS'.mp4 in the keybase public/private folder. 2. On the desktop client open the file as a preview. 3. An alert box pops up. gif poc: F399836 The Problem The client/shared/fs/filepreview/av-view.desktop.js file contains a template literal with...
Keybase: macOS privilege escalation via keybase install
Environment OS: macOS Mojave 10.14.1 Kernel: Darwin Kernel Version 18.2.0 keybase version 2.12.2-20181218171841+29273f4110 Steps to reproduce Note: All steps are executed as an unprivileged user unless otherwise noted. For this PoC the unprivileged user is defined as below $ id test2 uid=508test2...
Keybase keybase-redirector - ($PATH) Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits. keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged user to trick the application into executing a cust...
CVE-2018-18629
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary...
Design/Logic Flaw
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary...