Overview
Explore the evolving landscape of vulnerability research in this keynote address from OffensiveCon23. Delve into the origins and motivations behind vulnerability research, examining both changing and unchanged aspects of the field. Learn about buffer overflow bugs, program analysis tools, and improved security strategies. Discover advanced fuzzing techniques and analyze real-world case studies, including CVE-2021-30737. Examine exploit mitigations, secure architectures, and 1-click attack steps. Investigate specific cases involving KPP, PAC in kernel and userland, and PPL. Gain insights into the offensive and defensive game of cybersecurity and ponder the future of vulnerability research. Review the Blackbird exploit, including its exploitation techniques and loading of SEPOS. Conclude with key takeaways to enhance your understanding of modern vulnerability research and exploitation techniques.
Syllabus
Intro
The origin of this talk
Motivations
Process
Post research
Bugs Buffer overflow
Program analysis tools
Improved security strategies
Develop advanced fuzzing
Case study - CVE-2021-30737
Execute arbitrary code
Exploit mitigations
Secure architectures
1-click attack steps
Case study - KPP
Case study - PAC in kernel
Case study-PAC in userland
Case study - PPL
Conclusions
Offensive and defensive game
What about the future?
Quick review of Blackbird
Exploits of Blackbird
Exploit from Checkrain
Loading SEPOS
Simple solution
Takeaways
Taught by
OffensiveCon