YoVDO

Privilege Escalation Using DOP in MacOS

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Cybersecurity Courses macOS Courses Privilege Escalation Courses Kernel Exploitation Courses Data-Oriented Programming Courses

Course Description

Overview

Explore an advanced exploit technique called Data-Oriented Programming (DOP) for privilege escalation in MacOS. Delve into the complexities of kernel exploitation using DOP, which requires three key primitives: information leakage, arbitrary address read, and arbitrary address write. Learn how DOP offers advantages over Return-Oriented Programming (ROP) by maintaining exploit effectiveness despite kernel code changes. Examine a real-world example of transforming a single heap buffer overflow vulnerability into a full privilege escalation attack using DOP techniques. Gain insights into the strengths and challenges of implementing DOP in practical scenarios, and understand its potential impact on MacOS security.

Syllabus

#HITB2023AMS D2T2 - Privilege Escalation Using DOP In MacOS - Y. Lee, J. Choi, J. Lee & S. Song


Taught by

Hack In The Box Security Conference

Related Courses

Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube
Can A Fuzzer Match A Human
Hack In The Box Security Conference via YouTube
Biometrics System Hacking in the Age of the Smart Vehicle
Hack In The Box Security Conference via YouTube
ICEFALL - Revisiting A Decade Of OT Insecure-By-Design Practices
Hack In The Box Security Conference via YouTube
Fuzzing the MCU of Connected Vehicles for Security and Safety
Hack In The Box Security Conference via YouTube