Overview
In this 34-minute Black Hat conference talk, explore a powerful browser fuzzing strategy that uncovered over 100 Internet Explorer use-after-free vulnerabilities. Learn about the custom-built vulnerability hunting system and unique fuzzing approach that led to 19 CVEs affecting all versions of Microsoft IE. Discover the importance of effective fuzzing strategies in finding critical browser vulnerabilities, and gain insights into the methodology behind explicit and implicit pairing techniques. Examine the implementation, experimentation, and results of this innovative approach to browser security testing, and consider its implications for future vulnerability research.
Syllabus
Introduction
About Us
What is UAF
Is it possible
Zeroday samples
Compatible meta tag
Script function
Problems of randomness
What we learn
IE engineers
Flowchart
First Version
Third Version
Explicit Pairing
Examples
Implicit Pairing
Clear Attribute
Pair Combination
Test Cases
Demo
Implementation
Experimentation
Reboot
Results
Future Work
Thank You
QA
Taught by
Black Hat