Tackling Privilege Escalation with Offense and Defense

Tackling Privilege Escalation with Offense and Defense

Black Hat via YouTube Direct link

global

20 of 36

20 of 36

global

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Tackling Privilege Escalation with Offense and Defense

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 Who are you
  3. 3 Ideal Reader
  4. 4 Architecture
  5. 5 The IE Rush
  6. 6 JavaScript Attack Surface
  7. 7 JavaScript Engine
  8. 8 privileged and unprivileged contexts
  9. 9 trusted functions
  10. 10 folderlevel scripts
  11. 11 bin file
  12. 12 decompile tool
  13. 13 attacking the engine
  14. 14 why bypass restrictions
  15. 15 discovery
  16. 16 root level eval
  17. 17 trusted function
  18. 18 fix
  19. 19 identity
  20. 20 global
  21. 21 xqdialogue
  22. 22 Adobe patch
  23. 23 JJS API bypasses
  24. 24 Defending the engine
  25. 25 History of JavaScript
  26. 26 Design Decisions
  27. 27 Key Features
  28. 28 Reference Monitor
  29. 29 Implementation Problem
  30. 30 Implementation Example
  31. 31 Static Analysis
  32. 32 Point Analysis
  33. 33 Security Information Flow
  34. 34 Soundness is not necessary
  35. 35 Soundness is not binary
  36. 36 Conclusion

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.