Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Leverage One-shot UAF to a Minigun

44CON Information Security Conference via YouTube

Overview

Explore a novel exploitation technique for Use-After-Free (UAF) vulnerabilities in Adobe Flash in this 41-minute conference talk from the 44CON Information Security Conference. Delve into the Use-After-Use-After-Free (UAUAF) method, which transforms a UAF into a multi-class type confusion, enabling full memory access. Learn how this technique bypasses Adobe's mitigation efforts against common exploitation methods. Examine the detailed exploitation process of CVE-2016-1097, a real-world UAF zero-day vulnerability, from discovery to achieving arbitrary code execution. Gain insights into leveraging object occupations and releases, chaining ROP gadgets, and overcoming challenges in modern Flash exploitation.

Syllabus

Leverage One-shot UAF to a Minigun - Presented By Guanxing Wen

Taught by

44CON Information Security Conference

Reviews

Start your review of Leverage One-shot UAF to a Minigun

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.