IPC - The Broken Dream of Inherent Security

IPC - The Broken Dream of Inherent Security

Cooper via YouTube Direct link

Windows named pipe: Client impersonation

11 of 24

11 of 24

Windows named pipe: Client impersonation

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

IPC - The Broken Dream of Inherent Security

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Traditional network threat model
  3. 3 Our focus: Inter-process communication (IPC)
  4. 4 Man-in-the-Machine (Mit Ma)
  5. 5 What makes IPC vulnerable
  6. 6 Network socket on localhost
  7. 7 Network socket: Client impersonation
  8. 8 Network socket: Server impersonation
  9. 9 Network socket Man-in-the-middle
  10. 10 Windows named pipe: Access control
  11. 11 Windows named pipe: Client impersonation
  12. 12 Windows named pipe: Server impersonation
  13. 13 Windows named pipe: Man-in-the-Middle
  14. 14 USB HID devices
  15. 15 Standalone password managers
  16. 16 Client impersonation on RoboForm
  17. 17 1Password - Key derivation protocol
  18. 18 Server impersonation on 1Password
  19. 19 Password managers with Native messaging
  20. 20 Man-in-the-Middle on Password Boss (2)
  21. 21 FIDO U2F security key
  22. 22 Unauthorized access of FIDO U2F key
  23. 23 Mitigation
  24. 24 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.