WebKit Everywhere - Secure or Not?

Black Hat via YouTube

Exploitation : JS Controlled Free

18 of 20

YouTube videos curated by Class Central.

Classroom Contents

  1. Intro
  2. Background
  3. Historical issues
  4. Memory Corruption
  5. Heap Arena
  6. RenderArena internals
  7. RenderArena enhancement
  8. GC mechanism
  9. Trigger GC: Workaround
  10. ASLR on Mac OSX
  11. Sandbox architecture
  12. Native 64bit App
  13. CVE-2014-1303 : Vulnerability
  14. Restrictive 1-bit write
  15. Exploit : What to overwrite?
  16. Typed Array Internals
  17. Exploitation : Overall strategy
  18. Exploitation : JS Controlled Free
  19. Exploitation : ROPs are for the 99%
  20. Summary of WebKit exploitation
