YoVDO

Never Let Your Guard Down - Finding Unguarded Gates to Bypass Control Flow Guard with Big Data

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Data Collection Courses Vulnerability Analysis Courses

Course Description

Overview

Explore the intricacies of bypassing Control Flow Guard (CFG) in this 37-minute Black Hat conference talk. Delve into the security mechanism designed to prevent indirect branches from redirecting control flow to unexpected locations. Learn about the implementation of CFG in Windows 10 and its functioning through control-flow check-functions. Discover the research approach using Performance Monitoring Unit (PMU) and Windows API to identify unguarded gates. Examine attack surfaces, including indirect jumps and temporary code buffers. Analyze results focusing on Windows Storage Library, IE LQR Library, and IE Data Segment. Understand the implications of writable function pointers and Microsoft's response to reported vulnerabilities. Gain insights into future work and current developments in this critical area of cybersecurity.

Syllabus

Introduction
Agenda
Safety Implementation Overview
Operating System
Safety Bypass
Previous Research
Attack Surfaces
Indirect Jump
Temporary Code Buffer
Research Work
Research Focus
Function Pointer
Research Approach
PMU
Windows API
Example
Data Collection
Data Collection Example
Process Processing Pipeline
Analysis Results
Windows Storage Library
IE LQR Library
IE Data Segment
Microsoft Catch Flag
More Interest
Writable Function Pointer
Report to Microsoft
Microsoft fix
Future work
Current work
References


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network