YoVDO

Winter is Coming Back - Defeating the Most Advanced Rowhammer Defenses to Gain Root and Kernel Privileges

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses System Security Courses Exploit Development Courses Privilege Escalation Courses

Course Description

Overview

Explore a groundbreaking Black Hat conference talk unveiling a novel exploit capable of bypassing advanced rowhammer defenses. Delve into the intricacies of this 40-minute presentation, which demonstrates how an unprivileged user application can gain root and kernel privileges. Learn about the exploit's stealthy and efficient nature compared to existing rowhammer techniques. Examine key topics including memory access, raw ham attacks, performance counters, tab ownership, privilege escalation, exploitable buffers, and potential limitations. Gain insights from security experts Yueqiang Cheng, Zhi Zhang, Surya Nepal, and Zhi Wang as they discuss the implications of this exploit and potential countermeasures.

Syllabus

Introduction
Memory Access
Raw Ham Attack
Performance Counter
Key Steps
Tab Ownership
Summary
Verification
Privilege Escalation
Exploitable Buffer
Medication
Limitations
Recap
Questions


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube