Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a critical security vulnerability in Microsoft IIS's implementation of hash tables in this 43-minute Black Hat conference talk. Delve into the architecture of hash tables, a fundamental data structure in computer science, and understand their susceptibility to collision attacks. Examine Microsoft's 25-year-old dynamic hashing algorithm, designed to mitigate these issues but potentially introducing new vulnerabilities. Presented by Orange Tsai, this talk scrutinizes Microsoft's design choices in IIS, the widely-used web server, and their implications for data storage throughout the HTTP stack. Gain insights into the potential weaknesses of this ubiquitous data structure and its implementation in a major software platform.
Syllabus
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube