YoVDO

Robin Hood vs Cisco ASA AnyConnect

Offered By: Recon Conference via YouTube

Tags

REcon Conference Courses Cybersecurity Courses Reverse Engineering Courses Exploit Development Courses Vulnerability Analysis Courses

Course Description

Overview

Explore a detailed analysis of a critical vulnerability in Cisco's AnyConnect/WebVPN implementation on ASA devices. Delve into the architecture of the fuzzer used to discover a double free vulnerability, and learn about the bug analysis and exploitation techniques. Gain insights into a generic method for leveraging fragmented IKEv1 packets for heap feng shui and creating a write primitive. Understand the significance of this vulnerability, which received a CVSS score of 10.0 from Cisco. Discover how this fuzzing architecture can be applied to other protocols on Cisco devices. Join Cedric, a reverse engineering and exploit development expert from NCC Group, as he shares his findings and techniques in this informative conference talk from Recon Brussels 2018.

Syllabus

Recon Brussels 2018 - Robin Hood vs Cisco ASA AnyConnect


Taught by

Recon Conference

Related Courses

Harnessing Intel Processor Trace on Windows for Fuzz
Recon Conference via YouTube Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube Subverting Your Server Through Its BMC - The HPE iLO4 Case
Recon Conference via YouTube