Overview
Explore the vulnerability discovery process and exploitation techniques for memory corruption vulnerabilities in Windows PDB file parsing. This 37-minute Black Hat conference talk delves into the intricacies of debugging information files (PDBs) used by Windows debuggers like WinDBG and Visual Studio. Learn how researcher Gal De Leon uncovered security flaws in DbgHelp.dll's PDB parser implementation. Gain insights into the potential for privilege escalation attacks by exploiting these vulnerabilities. Examine the technical details of PDB file structures, parser behavior, and exploitation methods for elevating privileges on Windows systems.
Syllabus
Crashing Your Way to Medium-IL: Exploiting the PDB Parser for Privilege Escalation
Taught by
Black Hat