YoVDO

Privilege Escalation Using DOP in MacOS

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Cybersecurity Courses macOS Courses Privilege Escalation Courses Kernel Exploitation Courses Data-Oriented Programming Courses

Course Description

Overview

Explore an advanced exploit technique called Data-Oriented Programming (DOP) for privilege escalation in MacOS. Delve into the complexities of kernel exploitation using DOP, which requires three key primitives: information leakage, arbitrary address read, and arbitrary address write. Learn how DOP offers advantages over Return-Oriented Programming (ROP) by maintaining exploit effectiveness despite kernel code changes. Examine a real-world example of transforming a single heap buffer overflow vulnerability into a full privilege escalation attack using DOP techniques. Gain insights into the strengths and challenges of implementing DOP in practical scenarios, and understand its potential impact on MacOS security.

Syllabus

#HITB2023AMS D2T2 - Privilege Escalation Using DOP In MacOS - Y. Lee, J. Choi, J. Lee & S. Song


Taught by

Hack In The Box Security Conference

Related Courses

CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent
Enterprise Security Fundamentals
Microsoft via edX
Penetration Testing - Post Exploitation
New York University (NYU) via edX
Ultimate Ethical Hacking and Penetration Testing (UEH)
Udemy
Hands-on Penetration Testing Labs 4.0
Udemy