YoVDO

Hunting Windows Desktop Window Manager Bugs

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Reverse Engineering Courses Exploit Development Courses Fuzzing Courses Windows Privilege Escalation Courses

Course Description

Overview

Explore the intricacies of Windows Desktop Window Manager (DWM) vulnerabilities in this 46-minute conference talk from Hack In The Box Security Conference. Delve into the architecture of DWM and its interaction with low-privileged users, uncovering a significant attack surface within the Windows graphics component. Examine 10 discovered bugs in the DWM process, all acknowledged by Microsoft, and gain insights into the reverse engineering process that revealed special features like restart recovery and exception handling. Learn about six specific vulnerability cases, including out-of-bound access, untrusted pointer reference, type confusion, and use-after-free issues. Understand the implementation details of DirectComposition in user and kernel modes, and discover the security challenges in shared memory communication. Compare manual code auditing and fuzzing techniques for vulnerability detection, and grasp the importance of auditing user-mode code in addition to kernel-side vulnerabilities.

Syllabus

#HITB2023AMS D1T1 - Hunting Windows Desktop Window Manager Bugs - Z. WangJunjie, Y. He & W. Li


Taught by

Hack In The Box Security Conference

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent
Offensive Penetration Testing
LinkedIn Learning
Penetration Testing: Advanced Kali Linux
LinkedIn Learning
Reverse Engineering Linux 32-bit Applications
PentesterAcademy
Exploit Development and Execution with the Metasploit Framework
Pluralsight