YoVDO

Exploiting Excel Online

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Memory Leaks Courses Exploit Development Courses Vulnerability Analysis Courses Remote Code Execution Courses

Course Description

Overview

Explore an in-depth analysis of exploiting Excel Online in this Black Hat conference talk. Delve into the discovery and exploitation of an integer overflow vulnerability (CVE-2018-8331) in the fnConcatenate formula. Learn how Excel formulas can be chained together to achieve remote code execution on the Office Web Application server. Examine the challenges, constraints, and techniques involved in developing this exploit, including memory leaks, string manipulation, and formula analysis. Gain insights into the security implications for online applications and understand the unique perspective of the Microsoft Security Response Center. Discover the potential risks associated with malicious documents targeting online platforms and the complexities of attacking Office Web Application servers.

Syllabus

Introduction
Office Online Server
Questions
Why Excel
Oneshot exploits
Formulas
My experience
Text join
Analysis
Exploit
Constraints
Memory Leak
Scenario
Cross Fingers
Undo
Workarounds
String Package
Checking all formulas
Graphs and charts
Read primitive
Onprem
Demo
Is it possible
QA


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network