YoVDO

Privilege Escalation Using DOP in MacOS

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Cybersecurity Courses macOS Courses Privilege Escalation Courses Kernel Exploitation Courses Data-Oriented Programming Courses

Course Description

Overview

Explore an advanced exploit technique called Data-Oriented Programming (DOP) for privilege escalation in MacOS. Delve into the complexities of kernel exploitation using DOP, which requires three key primitives: information leakage, arbitrary address read, and arbitrary address write. Learn how DOP offers advantages over Return-Oriented Programming (ROP) by maintaining exploit effectiveness despite kernel code changes. Examine a real-world example of transforming a single heap buffer overflow vulnerability into a full privilege escalation attack using DOP techniques. Gain insights into the strengths and challenges of implementing DOP in practical scenarios, and understand its potential impact on MacOS security.

Syllabus

#HITB2023AMS D2T2 - Privilege Escalation Using DOP In MacOS - Y. Lee, J. Choi, J. Lee & S. Song


Taught by

Hack In The Box Security Conference

Related Courses

A+ Cert Software
Cabrillo College via California Community Colleges System Operating Systems: Overview, Administration, and Security
IBM via Coursera Data Management and Applications
Packt via Coursera Network Configuration, Network Services, & System Management
Packt via Coursera Operating Systems and Networking Fundamentals
Packt via Coursera