Robin Hood vs Cisco ASA AnyConnect
Offered By: Recon Conference via YouTube
Course Description
Overview
Explore a detailed analysis of a critical vulnerability in Cisco's AnyConnect/WebVPN implementation on ASA devices. Delve into the architecture of the fuzzer used to discover a double free vulnerability, and learn about the bug analysis and exploitation techniques. Gain insights into a generic method for leveraging fragmented IKEv1 packets for heap feng shui and creating a write primitive. Understand the significance of this vulnerability, which received a CVSS score of 10.0 from Cisco. Discover how this fuzzing architecture can be applied to other protocols on Cisco devices. Join Cedric, a reverse engineering and exploit development expert from NCC Group, as he shares his findings and techniques in this informative conference talk from Recon Brussels 2018.
Syllabus
Recon Brussels 2018 - Robin Hood vs Cisco ASA AnyConnect
Taught by
Recon Conference
Related Courses
Dal Reverse engineering alla stampa 3DUniversity of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam