Completed
Serialized Delegate
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Are You My Type? Breaking .NET Sandboxes Through Serialization
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 What is Serialization?
- 3 Why Serialization?
- 4 NET Serialization Support
- 5 Binary Serialization
- 6 What does it look like?
- 7 Badly Written Applications
- 8 ISerializable Interface
- 9 ISerializable Deserializing
- 10 Just Being Malicious
- 11 Demonstration
- 12 NET Remoting Architecture
- 13 Marshal By Reference
- 14 Marshal By Value
- 15 More Active Attacks
- 16 Path Normalization
- 17 Bypassing Type Filtering
- 18 How to protect against this?
- 19 Partial Trust Sandboxes
- 20 Code Access Security
- 21 XBAP Exception Handling AppDomain Boundary
- 22 ISerializable Redux
- 23 Type Conversion AppDomain Boundary
- 24 EvidenceBase.Clone
- 25 Exploiting It!
- 26 Delegate Multicasting
- 27 Serialized Delegate
- 28 Type Confusion
- 29 Reflection Attack
- 30 Hashtable Serialization
- 31 Hashtable Exploit AppDomain Boundary
- 32 Review