Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices

Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices

Black Hat via YouTube Direct link

Bad RDLENGTH

15 of 28

15 of 28

Bad RDLENGTH

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Supply chain
  3. 3 Why Treck TCP/IP?
  4. 4 Ripple20 Research
  5. 5 About CVE-2020-11901
  6. 6 DNS Primer: The Basics
  7. 7 DNS Primer: Record Types
  8. 8 Domain Names Encoding
  9. 9 DNS Message Compression
  10. 10 DNS Parsing Logic Type MX
  11. 11 DNS Label Length Calculation
  12. 12 Vulnerability #1: Read Out-Of-Bounds
  13. 13 Integer Overflow
  14. 14 Fixing the Read Out-Of-Bounds
  15. 15 Bad RDLENGTH
  16. 16 Artifact: Memory Leak
  17. 17 CVE-2020-11901: Summary
  18. 18 Target Device
  19. 19 Vulnerability Recap
  20. 20 Exploitation Technique
  21. 21 Overflow Target
  22. 22 CNAME Processing
  23. 23 Controlled Pointer Write
  24. 24 Linear Overflow
  25. 25 Heap Shaping
  26. 26 Pointer Write Limitations
  27. 27 Overwriting a Far Call
  28. 28 Payload Trigger

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.