Never Let Your Guard Down - Finding Unguarded Gates to Bypass Control Flow Guard with Big Data

Offered By: Black Hat via YouTube

Course Description

Overview

Explore the intricacies of bypassing Control Flow Guard (CFG) in this 37-minute Black Hat conference talk. Delve into the security mechanism designed to prevent indirect branches from redirecting control flow to unexpected locations. Learn about the implementation of CFG in Windows 10 and its functioning through control-flow check-functions. Discover the research approach using Performance Monitoring Unit (PMU) and Windows API to identify unguarded gates. Examine attack surfaces, including indirect jumps and temporary code buffers. Analyze results focusing on Windows Storage Library, IE LQR Library, and IE Data Segment. Understand the implications of writable function pointers and Microsoft's response to reported vulnerabilities. Gain insights into future work and current developments in this critical area of cybersecurity.

Syllabus

Introduction
Agenda
Safety Implementation Overview
Operating System
Safety Bypass
Previous Research
Attack Surfaces
Indirect Jump
Temporary Code Buffer
Research Work
Research Focus
Function Pointer
Research Approach
PMU
Windows API
Example
Data Collection
Data Collection Example
Process Processing Pipeline
Analysis Results
Windows Storage Library
IE LQR Library
IE Data Segment
Microsoft Catch Flag
More Interest
Writable Function Pointer
Report to Microsoft
Microsoft fix
Future work
Current work
References


Taught by

Black Hat
