YoVDO

Bochspwn - Identifying 0-Days via System-Wide Memory Access Pattern Analysis

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Operating Systems Courses Race Conditions Courses Windows Kernel Courses

Course Description

Overview

Explore an innovative approach to discovering kernel vulnerabilities through dynamic CPU-level instrumentation in this Black Hat USA 2013 conference talk. Delve into the "Bochspwn" project, which utilizes memory access patterns to identify potential race conditions in user-mode memory interactions. Learn about various implementation methods and discover how this technique uncovered approximately 50 local elevation of privilege vulnerabilities in the Windows kernel. Gain insights into the evolution of automated vulnerability discovery and its impact on kernel security. Understand the limitations of current kernel code coverage techniques and the importance of addressing kernel-specific bug classes. Witness the open-sourcing of the Bochspwn tool and explore opportunities for further development and testing of this groundbreaking approach to enhancing system security.

Syllabus

Black Hat USA 2013 - Bochspwn: Identifying 0-days via System-wide Memory Access Pattern Analysis


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube