Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
All content for Black Hat Webcasts RSS Feed is the property of Black Hat Briefings and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
Black Hat Webcast 3: How to Impress Girls with Browser Memory Protection Bypasses
Black Hat Webcasts RSS Feed
58 minutes 22 seconds
17 years ago
Black Hat Webcast 3: How to Impress Girls with Browser Memory Protection Bypasses
Over the past several years, Microsoft has implemented a number of memory protection mechanisms with the goal of preventing the reliable exploitation of common software vulnerabilities on the Windows platform. Protection mechanisms such as GS, SafeSEH, DEP and ASLR complicate the exploitation of many memory corruption vulnerabilities and at first sight present an insurmountable obstacle for exploit developers.
This talk aims to present exploitation methodologies against this increasingly complex target. We will demonstrate how the inherent design limitations of the protection mechanisms in Windows Vista make them ineffective for preventing the exploitation of memory corruption vulnerabilities in browsers and other client applications.
Each of the aforementioned protections will be briefly introduced and its design limitations will be discussed. We will present a variety of techniques that can be used to bypass the protections and achieve reliable remote code execution in many different circumstances. Finally, we will discuss what Microsoft can do to incre
Black Hat Webcasts RSS Feed
Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
