Smashing the State Machine: Advanced Web Race Condition Attacks

Smashing the State Machine: Advanced Web Race Condition Attacks

DEFCONConference via YouTube Direct link

The known potential of race conditions

2 of 15

2 of 15

The known potential of race conditions

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Smashing the State Machine: Advanced Web Race Condition Attacks

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 The known potential of race conditions
  3. 3 The true potential of race conditions
  4. 4 Making race conditions reliable: Single-packet attack
  5. 5 Single-packet attack: under the hood
  6. 6 benchmark
  7. 7 Probe for clues
  8. 8 Object-masking via limit-overrun
  9. 9 Multi-endpoint collisions: handling internal latency
  10. 10 Single-endpoint collision code analysis
  11. 11 Impact
  12. 12 Partial construction attacks
  13. 13 Data-structures and race-condition defenses
  14. 14 Improving the single-packet attack
  15. 15 Embrace the chaos

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.