PWN Flash with Reflection and HashTables
Offered By: Recon Conference via YouTube
Course Description
Overview
Explore an in-depth conference talk on exploiting Flash vulnerabilities using reflection and HashTables. Dive into the implementation of an Action Script 3-based fuzzing tool that leverages implicit reflection to discover over 50 Flash vulnerabilities. Learn about the challenges of flash fuzzing, including template creation, sanitizing, reproducing, and code coverage. Discover how HashTables can be used as exploit-friendly objects to bypass anti-UAF mitigations in Flash. Follow a step-by-step demonstration of exploiting an unreported UAF vulnerability to achieve read and write primitives, bypassing modern mitigations in Windows 10 x64 1709. Gain insights into this powerful exploitation technique that can be applied to various Flash UAF vulnerabilities, potentially circumventing current security measures.
Syllabus
Recon 2018 Montreal - PWN Flash with Reflection and HashTables by Tao Yan & Bo Qu
Taught by
Recon Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network