Overview
Dive into the complexities of DHCP security in this 48-minute conference talk from Hack In The Box Security Conference. Explore critical vulnerabilities in popular DHCP implementations, including dnsmasq (CVE-2017-14493) and ISC DHCP (CVE-2018-5733). Examine the architecture of ISC DHCP and systemd networkd, uncovering potential security flaws. Learn about refcount overflow, infoleak vulnerabilities, and heap overflow techniques leading to arbitrary write. Discover how to exploit these vulnerabilities through client-server interactions and tcache poisoning. Gain insights into the challenges of DHCP security and understand the implications for network infrastructure.
Syllabus
Intro
dnsmasq - CVE-2017-14493
ISC DHCP - CVE-2018-5733
Refcount Overflow
ISC DHCP - Architecture
ISC DHCP - Real Architecture
systemd-networkd (CVE-2018-15688)
Infoleak - client_parse_message
Triggering the Infoleak: server - client
Triggering the Infoleak: client - server
Leaking a glibc pointer
Heap Overflow to Arbitrary Write
tcache Poisoning
Putting it all together
Conclusion
Taught by
Hack In The Box Security Conference