Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Glitch Chronicles - Turning WebGL Into A Hammer

Hack In The Box Security Conference via YouTube

Overview

Explore the intricacies of WebGL exploitation in this comprehensive conference talk from HITB2018DXB. Dive deep into the world of Glitch attacks, understanding attacker primitives and DRAM organization. Learn about address translation, eviction-based Rowhammer attacks, and GPU architecture. Discover how texture sampling and fast memory access play crucial roles in DRAM exploitation. Examine WebGL-based timers and contiguous memory detection techniques. Uncover the potential of JavaScript arrays, IEEE-754 floating-point numbers, and type flipping for exploitation. Master arbitrary read/write techniques and gain insights into the broader implications of these vulnerabilities. Conclude with a thorough recap and key takeaways for enhancing web security.

Syllabus

Introducción
Glitch: what?
Attacker primitives
DRAM: organization
Address translation: THPS
#P2. Eviction-based Rowhammer: arm
Attack Vector
GPU: The rendering pipeline
#P1. GPU: The architecture
#P1. DRAM access: texture sampling
Fast memory access
Eviction-based Rowhammer: GPU
Memory Allocation
DRAM Reads: recap
#P3. Contiguous Memory: Detection
#P3. WebGL-based timers
Glitch: in a nutshell
Exploitation: JS Arrays
IEEE-754 floating point (double)
Exploitation: Type Flipping
Exploitation: Arbitrary R/W
Exploitation: Arbitrary read
Exploitation: Recap
Conclusions

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Glitch Chronicles - Turning WebGL Into A Hammer

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.