The Aftermath of a Fuzz Run - What to Do About Those Crashes?

The Aftermath of a Fuzz Run - What to Do About Those Crashes?

Linux Foundation via YouTube Direct link

PHP: Low invalid read

24 of 25

24 of 25

PHP: Low invalid read

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

The Aftermath of a Fuzz Run - What to Do About Those Crashes?

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 NeXT, Apple, Weblogic, BEA Systems, Azul Systems
  3. 3 1 Introduce/Review Memory Corruption Bugs 2 A Post Fuzz Run Workflow 3 Real World Examples
  4. 4 Invalid Reads/Writes
  5. 5 Stack vs Heap Corruption
  6. 6 Use After Free
  7. 7 Other Memory Bugs
  8. 8 b: What is Exploitability?
  9. 9 Re-programming with input data- not code
  10. 10 Does "exploitability" matter?
  11. 11 Google Project Zero
  12. 12 Many modern exploits are bug chains
  13. 13 Surprisingly Exploitable
  14. 14 C-Ares / Chrome OS Remote Code Execution
  15. 15 Section 1c: Memory Corruption Mitigations
  16. 16 ASLR Address Space Layout Randomization
  17. 17 DEP Data Execution Prevention
  18. 18 Minimize the Corpus of Crashes
  19. 19 b: Memory Corruption Analysis Tools
  20. 20 Valgrind (memcheck)
  21. 21 Section 2c: Determine Exploitability / Find the Root Cause
  22. 22 Disable ASLR
  23. 23 Identify critical memory locations
  24. 24 PHP: Low invalid read
  25. 25 Netflix Dynomite: Invalid Write

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.