Completed
Data-only attacks: related work
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Exploiting Adobe Flash Player in the Era of Control Flow Guard
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Agenda
- 3 Overview of CFG
- 4 CVE-2015-0311 Overview
- 5 Control flow hijacking attempt detected!
- 6 Approaches
- 7 Flash JIT compiler
- 8 Leveraging the JIT compiler to bypass CFG
- 9 Current status
- 10 JIT hardening
- 11 Data-only attacks: related work
- 12 The Security Settings object
- 13 Gaining (unauthorized) access to the camera & mic
- 14 From Remote sandbox to Local Trusted sandbox
- 15 Executing commands without shellcode nor ROP
- 16 Crafted state
- 17 Thank you!