Privilege Escalation Using DOP in MacOS
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore an advanced exploit technique called Data-Oriented Programming (DOP) for privilege escalation in MacOS. Delve into the complexities of kernel exploitation using DOP, which requires three key primitives: information leakage, arbitrary address read, and arbitrary address write. Learn how DOP offers advantages over Return-Oriented Programming (ROP) by maintaining exploit effectiveness despite kernel code changes. Examine a real-world example of transforming a single heap buffer overflow vulnerability into a full privilege escalation attack using DOP techniques. Gain insights into the strengths and challenges of implementing DOP in practical scenarios, and understand its potential impact on MacOS security.
Syllabus
#HITB2023AMS D2T2 - Privilege Escalation Using DOP In MacOS - Y. Lee, J. Choi, J. Lee & S. Song
Taught by
Hack In The Box Security Conference
Related Courses
CNIT 127: Exploit DevelopmentCNIT - City College of San Francisco via Independent Enterprise Security Fundamentals
Microsoft via edX Penetration Testing - Post Exploitation
New York University (NYU) via edX Ultimate Ethical Hacking and Penetration Testing (UEH)
Udemy Hands-on Penetration Testing Labs 4.0
Udemy