Overview
Explore the vulnerabilities of Windows' Common Log File System (CLFS) in this 30-minute Black Hat conference talk. Dive into the research process behind analyzing CLFS attack surfaces and designing targeted fuzz techniques to uncover vulnerabilities. Learn about a specific vulnerability prepared for Tianfu Cup and its exploitation methods. Examine historically common exploit techniques, their limitations, and discover a new universal exploit method for CLFS. Gain insights from security researchers Shijie Xu, Jianyang Song, and Linshuang Li as they unveil their findings on this high-performance logging mechanism introduced in Windows Vista.
Syllabus
The Next Generation of Windows Exploitation: Attacking the Common Log File System
Taught by
Black Hat