PWN Flash with Reflection and HashTables

Explore an in-depth conference talk on exploiting Flash vulnerabilities using reflection and HashTables. Dive into the implementation of an Action Script 3-based fuzzing tool that leverages implicit reflection to discover over 50 Flash vulnerabilities. Learn about the challenges of flash fuzzing, including template creation, sanitizing, reproducing, and code coverage. Discover how HashTables can be used as exploit-friendly objects to bypass anti-UAF mitigations in Flash. Follow a step-by-step demonstration of exploiting an unreported UAF vulnerability to achieve read and write primitives, bypassing modern mitigations in Windows 10 x64 1709. Gain insights into this powerful exploitation technique that can be applied to various Flash UAF vulnerabilities, potentially circumventing current security measures.

Recon 2018 Montreal - PWN Flash with Reflection and HashTables by Tao Yan & Bo Qu