Explore over ten Control Flow Guard (CFG) bypass techniques and their effectiveness in Chrome during this 27-minute Black Hat Asia 2022 conference talk. Delve into the history and functionality of CFG, examine previous bypass methods, and learn how they apply specifically to Chrome. Investigate potential improvements to CFG, discuss the Enhanced Security Mode of Edge, and gain valuable insights into browser security mechanisms. Presented by Yunhai Zhang, this technical session offers a deep dive into advanced browser exploitation techniques and defensive strategies.
Overview
Syllabus
black hat ASIA 2022
What is CFG
History of CFG
How Dose CFG Work
Previous CFG Bypass
How about Chrome
Bypass CFG in Chrome
How to Improve
Enhanced Security Mode of Edge
Takeaways
Taught by
Black Hat
Related Courses
-
Bypass Control Flow Guard Comprehensively
-
Exploiting Adobe Flash Player in the Era of Control Flow Guard
-
Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge
-
The Most Secure Browser? Pwning Chrome from 2016 to 2019
-
Diving Into IE 10’s Enhanced Protected Mode Sandbox
-
Never Let Your Guard Down - Finding Unguarded Gates to Bypass Control Flow Guard with Big Data
