YoVDO

Hunting Windows Desktop Window Manager Bugs

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Reverse Engineering Courses Exploit Development Courses Fuzzing Courses Windows Privilege Escalation Courses

Course Description

Overview

Explore the intricacies of Windows Desktop Window Manager (DWM) vulnerabilities in this 46-minute conference talk from Hack In The Box Security Conference. Delve into the architecture of DWM and its interaction with low-privileged users, uncovering a significant attack surface within the Windows graphics component. Examine 10 discovered bugs in the DWM process, all acknowledged by Microsoft, and gain insights into the reverse engineering process that revealed special features like restart recovery and exception handling. Learn about six specific vulnerability cases, including out-of-bound access, untrusted pointer reference, type confusion, and use-after-free issues. Understand the implementation details of DirectComposition in user and kernel modes, and discover the security challenges in shared memory communication. Compare manual code auditing and fuzzing techniques for vulnerability detection, and grasp the importance of auditing user-mode code in addition to kernel-side vulnerabilities.

Syllabus

#HITB2023AMS D1T1 - Hunting Windows Desktop Window Manager Bugs - Z. WangJunjie, Y. He & W. Li


Taught by

Hack In The Box Security Conference

Related Courses

Advanced White Hat Hacking & Penetration Testing Tutorial
Udemy
Practical Buffer Overflows for OSCP
Udemy
Buffer Overflows Made Easy
Cyber Mentor via YouTube
Burp Suite
David Bombal via YouTube
Buffer Overflows Made Easy - 2022 Edition
Cyber Mentor via YouTube