File Structures - Another Binary Exploitation Technique

Explore a new attack technique exploiting FILE structures in GNU C Library (Glibc) to circumvent modern operating system protections in this 49-minute conference talk from the Hack In The Box Security Conference. Learn how to break data protections, launch remote code execution, and utilize different FILE structures for attacks through File Stream Oriented Programming. Discover methods to abuse FILE structures even with the latest Glibc mitigations. Gain insights from An-Jie Yang (Angelboy), a renowned cybersecurity expert and CTF champion, as he covers topics including file structures, exploit paths, advanced exploitation techniques, verification methods, and practical demonstrations.

Introduction
Agenda
File Structure
Exploit Path
Advanced Exploit
Verification
Demo
Conclusion