WebKit Everywhere - Secure or Not?

WebKit Everywhere - Secure or Not?

Black Hat via YouTube Direct link

Sandbox architecture

11 of 20

11 of 20

Sandbox architecture

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

WebKit Everywhere - Secure or Not?

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Background
  3. 3 Historical issues
  4. 4 Memory Corruption
  5. 5 Heap Arena
  6. 6 RenderArena internals
  7. 7 RenderArena enhancement
  8. 8 GC mechanism
  9. 9 Trigger GC: Workaround
  10. 10 ASLR on Mac OSX
  11. 11 Sandbox architecture
  12. 12 Native 64bit App
  13. 13 CVE-2014-1303 : Vulnerability
  14. 14 Restrictive 1-bit write
  15. 15 Exploit : What to overwrite?
  16. 16 Typed Array Internals
  17. 17 Exploitation : Overall strategy
  18. 18 Exploitation : JS Controlled Free
  19. 19 Exploitation : ROPs are for the 99%
  20. 20 Summary of WebKit exploitation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.