Cellular Exploitation on a Global Scale - The Rise and Fall of the Control Protocol

Cellular Exploitation on a Global Scale - The Rise and Fall of the Control Protocol

Black Hat via YouTube Direct link

Dynamically Building ROP Chains

32 of 33

32 of 33

Dynamically Building ROP Chains

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Cellular Exploitation on a Global Scale - The Rise and Fall of the Control Protocol

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Researcher Backgrounds
  3. 3 History and Prior Standards
  4. 4 The Current Standard
  5. 5 OMA-DM: Managed Objects
  6. 6 Devices with OMA-DM
  7. 7 Embedded Client Locations
  8. 8 The Reference Toolkit
  9. 9 RedBend Software
  10. 10 Network Architecture Diagram
  11. 11 OMA-DM "Standard" Security
  12. 12 Initial OTA Payload Types
  13. 13 DM Bootstrap Payload Example • Used for initial Device Provisioning
  14. 14 OMA-DM Tree Serialization
  15. 15 Client Side Parsing
  16. 16 Cellular Testing Hardware
  17. 17 Identifying Control Clients - Phones
  18. 18 Identifying Control Clients - Embedded Devices
  19. 19 Simulating Cellular Environments
  20. 20 Over Global Carrier Networks
  21. 21 Rogue Base Station Attacks
  22. 22 Vulnerabilities in Authentication
  23. 23 Transport Security and Encryption Flaws
  24. 24 MInside Out BaseBand Attacks
  25. 25 Carrier Customizations
  26. 26 Code Execution Without Memory Corruption
  27. 27 Vulnerability Example: Reading Memory
  28. 28 Notable Weaknesses in Exploit Mitigations
  29. 29 OTA Exploit Delivery
  30. 30 Bypassing ASLR with OTA Feng Shui
  31. 31 Killing the Canary
  32. 32 Dynamically Building ROP Chains
  33. 33 OTA Code Execution Status

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.