Explore the vulnerabilities and limitations of application sandboxes in this Black Hat EU 2013 conference talk. Dive into the "Sandbox Roulette" as presenters Rafal Wojtczuk and Rahul Kashyap demonstrate various exploit vectors targeting Windows Operating System vulnerabilities and assess how different commercial sandboxes fare against each attack. Gain insights into the growing trend of application sandboxing in enterprise security, the lack of standardization, and the potential risks when malware analysts use sandboxes. Examine the architectural decomposition of sandboxing technologies, comparing different vendor solutions and evaluating their effectiveness in protecting enterprise data and infrastructure. Learn about sophisticated malware techniques likely to target sandboxes in the future, and discover the real solutions to enhance sandbox security.
The Sandbox Roulette - Are You Ready For The Gamble?
Overview
Syllabus
Intro
Types of Sandboxes
Windows Internals
State of Windows Security
How does Sandbox work
Example
OS Enhancement Based Sandbox
The Problem
First Vulnerability
Bypass the Sandbox
Buffer Zone Pro Bypass
Secret File Bypass
Type 2 Sandboxes
Type 2 Sandbox
Chromium Sandbox
Chromium Documentation
Chrome Sandbox Demo
Can the Sandbox Stand Ground
Adobe Reader Exploit
Chrome Exploit
untrusted integrity level
podium contest
kernel vulnerability
truetype vulnerability
duotext vulnerability
methodology
Truetype vulnerabilities
Acrobat Reader
Result
Windows kernel vulnerabilities
Alternatives
The Real Solution
Taught by
Black Hat
