Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Bochspwn - Identifying 0-Days via System-Wide Memory Access Pattern Analysis

Black Hat via YouTube

Overview

Explore an innovative approach to discovering kernel vulnerabilities through dynamic CPU-level instrumentation in this Black Hat USA 2013 conference talk. Delve into the "Bochspwn" project, which utilizes memory access patterns to identify potential race conditions in user-mode memory interactions. Learn about various implementation methods and discover how this technique uncovered approximately 50 local elevation of privilege vulnerabilities in the Windows kernel. Gain insights into the evolution of automated vulnerability discovery and its impact on kernel security. Understand the limitations of current kernel code coverage techniques and the importance of addressing kernel-specific bug classes. Witness the open-sourcing of the Bochspwn tool and explore opportunities for further development and testing of this groundbreaking approach to enhancing system security.

Syllabus

Black Hat USA 2013 - Bochspwn: Identifying 0-days via System-wide Memory Access Pattern Analysis

Taught by

Black Hat

Reviews

Start your review of Bochspwn - Identifying 0-Days via System-Wide Memory Access Pattern Analysis

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.