YoVDO

Digging for IE11 Sandbox Escapes Part 1

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Bug Bounty Courses IDA Pro Courses Exploit Development Courses Vulnerability Research Courses

Course Description

Overview

Explore the process of discovering sandbox escapes in Internet Explorer 11 during Microsoft's bug bounty program in this Black Hat conference talk. Delve into the methodology used to uncover four significant vulnerabilities in the IE11 sandbox implementation, some of which have persisted since Vista and IE7. Learn about the Enhanced Protected Mode (EPM) sandbox and its utilization of Windows 8's App Container mechanism. Gain insights into investigating the IE11 sandbox, executing custom code, and analyzing attack surfaces. Examine the provided sample source code for each vulnerability to test and understand the issues firsthand. Note that participation requires Windows 8.1 RTM installation and tools such as Visual Studio 2013 and IDA Pro for analysis and development of sandbox escape examples.

Syllabus

Digging for IE11 Sandbox Escapes Part 1


Taught by

Black Hat

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent
Reverse Engineering and Exploit Development
Udemy
Penetration Testing: Advanced Kali Linux
LinkedIn Learning
Linux x86 Assembly and Shellcoding
Udemy
Python : Sıfırdan İleri Seviyeye - Etik Hacker Örnekleriyle
Udemy