Overview
Explore a novel exploitation technique for Use-After-Free (UAF) vulnerabilities in Adobe Flash in this 41-minute conference talk from the 44CON Information Security Conference. Delve into the Use-After-Use-After-Free (UAUAF) method, which transforms a UAF into a multi-class type confusion, enabling full memory access. Learn how this technique bypasses Adobe's mitigation efforts against common exploitation methods. Examine the detailed exploitation process of CVE-2016-1097, a real-world UAF zero-day vulnerability, from discovery to achieving arbitrary code execution. Gain insights into leveraging object occupations and releases, chaining ROP gadgets, and overcoming challenges in modern Flash exploitation.
Syllabus
Leverage One-shot UAF to a Minigun - Presented By Guanxing Wen
Taught by
44CON Information Security Conference