Overview
Explore the journey of a high school student who discovered a critical Remote Code Execution vulnerability in Microsoft Edge within just over a year of starting security research. Learn about the progression from solving coding challenges to participating in Capture The Flag competitions, which sparked a fascination with finding vulnerabilities. Delve into the recent trend of JIT Type Confusion vulnerabilities in ChakraCore, understand the discovered vulnerability, and examine similar issues found by other researchers. Witness a live demonstration of a working exploit and gain insights valuable for both aspiring security enthusiasts and experienced researchers interested in browser vulnerabilities and exploitation techniques.
Syllabus
Introduction
Overview
Vulnerability Research
Practice
Arrays
Holes
JIT
Recap
Proof of Concept
Code Execution
Summary
Questions
Taught by
media.ccc.de