Completed
Design Decisions
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Tackling Privilege Escalation with Offense and Defense
Automatically move to the next video in the Classroom when playback concludes
- 1 Introduction
- 2 Who are you
- 3 Ideal Reader
- 4 Architecture
- 5 The IE Rush
- 6 JavaScript Attack Surface
- 7 JavaScript Engine
- 8 privileged and unprivileged contexts
- 9 trusted functions
- 10 folderlevel scripts
- 11 bin file
- 12 decompile tool
- 13 attacking the engine
- 14 why bypass restrictions
- 15 discovery
- 16 root level eval
- 17 trusted function
- 18 fix
- 19 identity
- 20 global
- 21 xqdialogue
- 22 Adobe patch
- 23 JJS API bypasses
- 24 Defending the engine
- 25 History of JavaScript
- 26 Design Decisions
- 27 Key Features
- 28 Reference Monitor
- 29 Implementation Problem
- 30 Implementation Example
- 31 Static Analysis
- 32 Point Analysis
- 33 Security Information Flow
- 34 Soundness is not necessary
- 35 Soundness is not binary
- 36 Conclusion