YoVDO

Might As Well JUMP - Exploit Development For Java Serialization

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Python Courses Reverse Engineering Courses Apache Tomcat Courses Exploit Development Courses Vulnerability Analysis Courses HMAC Courses

Course Description

Overview

Explore advanced exploit development techniques for Java serialization vulnerabilities in this conference talk from the Hack In The Box Security Conference. Dive into a demonstration of a zero-day custom exploit targeting a simple application deployed in Apache MyFaces on the latest version of Tomcat. Learn how to create a Python exploit that breaks HMAC and MAC through cryptographic manipulation. Gain insights into reverse engineering popular security applications for vulnerabilities using a concise ASM command. Delve into the intricacies of Return-Oriented Programming (ROP) and egg hunting techniques, illustrated through a custom Firefox remote code execution vulnerability written in asm.js. This 23-minute session offers a comprehensive look at cutting-edge exploit development strategies, providing valuable knowledge for security professionals and researchers.

Syllabus

#HITBHaxpo D2 - Might As Well JUMP: Exploit Development For Java Serialization - Jameel Nabbo


Taught by

Hack In The Box Security Conference

Related Courses

Dal Reverse engineering alla stampa 3D
University of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam