Completed
CVE-2017-3085: discussion (3/3)
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Playing in the Sandbox - Bypassing Adobe Flash Input Validation
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Today's topic: bug bounties
- 3 Introducing Adobe Flash
- 4 Embedding Flash code
- 5 Flash security sandboxes
- 6 Local by definition - Flash
- 7 Escaping the local sandbox (2/2)
- 8 Exfiltrating files out of sandbox
- 9 SMB authentication
- 10 SMB Relay attack (2008)
- 11 NTLMv2 hashes
- 12 Attack variant: SMBTrap
- 13 CVE-2016-4271: discussion (1/2)
- 14 The (revised) remote sandbox
- 15 SMB attacks, revisited (1/2)
- 16 Testing for susceptibility: basic idea
- 17 Testing for susceptibility: first try
- 18 Side track: cross-domain policy file
- 19 Testing for susceptibility: second try
- 20 CVE-2017-3085: discussion (1/3)
- 21 CVE-2017-3085: discussion (3/3)
- 22 Concluding remarks
- 23 Want to break stuff?