Overview
Explore over ten Control Flow Guard (CFG) bypass techniques and their effectiveness in Chrome during this 27-minute Black Hat Asia 2022 conference talk. Delve into the history and functionality of CFG, examine previous bypass methods, and learn how they apply specifically to Chrome. Investigate potential improvements to CFG, discuss the Enhanced Security Mode of Edge, and gain valuable insights into browser security mechanisms. Presented by Yunhai Zhang, this technical session offers a deep dive into advanced browser exploitation techniques and defensive strategies.
Syllabus
Black Hat Asia 2022
What is CFG
History of CFG
How Does CFG Work
Previous CFG Bypass
How about Chrome
Bypass CFG in Chrome
How to Improve
Enhanced Security Mode of Edge
Takeaways
Taught by
Black Hat