Privilege Escalation Using DOP in MacOS
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore an advanced exploit technique called Data-Oriented Programming (DOP) for privilege escalation in MacOS. Delve into the complexities of kernel exploitation using DOP, which requires three key primitives: information leakage, arbitrary address read, and arbitrary address write. Learn how DOP offers advantages over Return-Oriented Programming (ROP) by maintaining exploit effectiveness despite kernel code changes. Examine a real-world example of transforming a single heap buffer overflow vulnerability into a full privilege escalation attack using DOP techniques. Gain insights into the strengths and challenges of implementing DOP in practical scenarios, and understand its potential impact on MacOS security.
Syllabus
#HITB2023AMS D2T2 - Privilege Escalation Using DOP In MacOS - Y. Lee, J. Choi, J. Lee & S. Song
Taught by
Hack In The Box Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network