Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Exploring and Exploiting the SQLite
- 1 Intro
- 2 Tencent Blade Team
- 3 Agenda
- 4 The Magellan 2.0
- 5 Vulnerabilities or Bugs Found by the Fuzzer
- 6 Auditing Strategies: Blobs
- 7 Auditing Strategies: The memory operations
- 8 Auditing Strategies: Special Commands
- 9 Shadow Tables
- 10 Structure-Aware Fuzzing
- 11 How the Fuzzer is Implemented
- 12 Differences from Google's (1)
- 13 Raw Data
- 14 Generated Testcase
- 15 Preparations
- 16 Initial Queries of the Fuzzer
- 17 The Structure opdata_16
- 18 Example of Translating Opcode to Query
- 19 Table Selector and Column Selector
- 20 SQL Operation Selector
- 21 Get Data from Data Provider
- 22 Run Generated SQL Queries
- 23 Bypass the Defense-In-Depth
- 24 It's a Little Bit Tough
- 25 Let's Make Some Fake Objects
- 26 Stabilize the Heap and the RCE
- 27 Get Uninitialized Heap Data
- 28 Overwrite the sqlite3Config
- 29 Set the Memory Page to RWX
- 30 Restore the Stack
- 31 Conclusion