Dive deep into the world of Use After Free vulnerabilities in this 47-minute conference talk from AppSecUSA 2014. Explore the definition of this vulnerability class, learn to detect bugs in a debugger, and discover how to weaponize them into working exploits against Internet Explorer. Gain insights into memory leaks and their potential for bypassing Address Space Layout Randomization (ASLR). Led by industry expert Stephen Sims, this presentation offers valuable knowledge for those interested in web browser and client-side security, reverse engineering, and exploit development.
Use After Free Exploitation - Detecting and Exploiting Heap Vulnerabilities
Overview
Syllabus
Use After Free Exploitation - OWASP AppSecUSA 2014
Taught by
OWASP Foundation
Related Courses
-
Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorer
-
Hey Man, Have You Forgotten to Initialize Your Memory?
-
Ret2page - The Art of Exploiting Use-After-Free Vulnerabilities in the Dedicated Cache
-
FUZE - Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
-
Hijacking an IP Camera Stream: SADProtocol Vulnerabilities and Hollywood-Style Exploitation
