Explore a novel exploitation technique called Use-After-Use-After-Free (UAUAF) for UAF vulnerabilities in Adobe Flash in this 38-minute Black Hat conference talk. Discover how UAUAF transforms a UAF into a multi-class type confusion by leveraging a sequence of object occupations and releases. Learn about gaining full memory access despite recent mitigations added by Adobe. Examine real-world cases, build an exploit step-by-step, and see a Windows 10 example. Gain insights into the implications of this technique for cybersecurity professionals and developers working with Adobe Flash.
Use-After-Use-After-Free - Exploit UAF by Generating Your Own
Overview
Syllabus
Introduction
Use of UAF
RealWorld Case
Build a Exploit
StepByToRage
Windows 10 Example
Conclusion
Taught by
Black Hat
Related Courses
-
Leverage One-shot UAF to a Minigun
-
Ret2page - The Art of Exploiting Use-After-Free Vulnerabilities in the Dedicated Cache
-
FUZE - Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
-
Attacking iPhone XS Max
-
Variations in Exploit Methods Between Linux and Windows
-
From EK to DEK - An Analysis of Modern Document Exploit Kits
