Explore a detailed analysis of a critical vulnerability in Cisco's AnyConnect/WebVPN implementation on ASA devices. Delve into the architecture of the fuzzer used to discover a double free vulnerability, and learn about the bug analysis and exploitation techniques. Gain insights into a generic method for leveraging fragmented IKEv1 packets for heap feng shui and creating a write primitive. Understand the significance of this vulnerability, which received a CVSS score of 10.0 from Cisco. Discover how this fuzzing architecture can be applied to other protocols on Cisco devices. Join Cedric, a reverse engineering and exploit development expert from NCC Group, as he shares his findings and techniques in this informative conference talk from Recon Brussels 2018.
Overview
Syllabus
Recon Brussels 2018 - Robin Hood vs Cisco ASA AnyConnect
Taught by
Recon Conference