Completed
Supply chain
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Supply chain
- 3 Why Treck TCP/IP?
- 4 Ripple20 Research
- 5 About CVE-2020-11901
- 6 DNS Primer: The Basics
- 7 DNS Primer: Record Types
- 8 Domain Names Encoding
- 9 DNS Message Compression
- 10 DNS Parsing Logic Type MX
- 11 DNS Label Length Calculation
- 12 Vulnerability #1: Read Out-Of-Bounds
- 13 Integer Overflow
- 14 Fixing the Read Out-Of-Bounds
- 15 Bad RDLENGTH
- 16 Artifact: Memory Leak
- 17 CVE-2020-11901: Summary
- 18 Target Device
- 19 Vulnerability Recap
- 20 Exploitation Technique
- 21 Overflow Target
- 22 CNAME Processing
- 23 Controlled Pointer Write
- 24 Linear Overflow
- 25 Heap Shaping
- 26 Pointer Write Limitations
- 27 Overwriting a Far Call
- 28 Payload Trigger