Explore the cutting-edge techniques in software exploitation revealed at Pwn2Own 2016 in this Black Hat conference talk. Delve into the intricacies of eight winning browser-to-super-user exploitation chains, encompassing 21 total vulnerabilities. Gain insights into modern browser exploitation, the complexities of kernel Use-After-Free exploitation, and the surprising simplicity of exploiting logic errors and directory traversals in the kernel. Analyze attack vectors, root causes, exploitation techniques, and potential remediations for the presented vulnerabilities. Understand the limitations of application sandboxing and the persistent threat of kernel exploitation in achieving complete system compromise. Discover why these advanced exploitation techniques are considered "shell on earth" for security researchers and attackers alike in this 49-minute presentation by Matt Molinyawe, Jasiel Spelman, Abdul-Aziz Hariri, and Joshua Smith.
Overview
Syllabus
$Hell on Earth: From Browser to System Compromise
Taught by
Black Hat