Untuk memberi Anda pengalaman terbaik, situs ini menggunakan cookie. Tinjau Kebijakan Privasi kami dan Ketentuan Layanan untuk belajar lebih. Mengerti!
Artwork

Video
Konten disediakan oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. «
Justin N. Ferguson: Understanding the Heap by Breaking It: A Case Study of the Heap as a Persistent Data Structure Through Non-traditional Exploitation Techniques

47:13
 
Putar
Memutar
Bagikan
 

MP4Beranda episode
Manage episode 152211988 series 1053194
Konten disediakan oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Traditional exploitation techniques of overwriting heap metadata has been discussed ad-nauseum, however due to this common perspective the flexibility in abuse of the heap is commonly overlooked. This presentation examines a flaw that was found in several popular open-source applications including mod_auth_kerb (Apache Kerberos Authentication), Samba, Heimdal, OpenBSDs kerberos implementation (not exploitable), and so on, as a method for exploring
heap structure exploitation and hopefully providing a gateway to understanding the true beauty of data structure exploitation.
This focuses on the dynamic memory management implementation provided by the GNU C library, particularly ptmalloc2 and presents methods for evading certain sanity checks in the library along with previously unpublished methods for obtaining control.
  continue reading

89 episode

#Video
Artwork

Justin N. Ferguson: Understanding the Heap by Breaking It: A Case Study of the Heap as a Persistent Data Structure Through Non-traditional Exploitation Techniques

Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.

published

Putar Memutar
iconBagikan
 
MP4Beranda episode
Manage episode 152211988 series 1053194
Konten disediakan oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Traditional exploitation techniques of overwriting heap metadata has been discussed ad-nauseum, however due to this common perspective the flexibility in abuse of the heap is commonly overlooked. This presentation examines a flaw that was found in several popular open-source applications including mod_auth_kerb (Apache Kerberos Authentication), Samba, Heimdal, OpenBSDs kerberos implementation (not exploitable), and so on, as a method for exploring
heap structure exploitation and hopefully providing a gateway to understanding the true beauty of data structure exploitation.
This focuses on the dynamic memory management implementation provided by the GNU C library, particularly ptmalloc2 and presents methods for evading certain sanity checks in the library along with previously unpublished methods for obtaining control.
  continue reading

89 episode

#Video

Semua episode

×
 
Loading …

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

 

Dengarkan 500+ topik
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Panduan Referensi Cepat

Podcast Teratas
Laga Raga - Berita Olahraga Terkini
Digipreneur Podcast - Digital Marketing, Startup, Teknologi, dan Bisnis Online di Indonesia
Podcast Awal Minggu
Dummy Podcast Indonesia
Show Box
Rasarab - Indonesia
Indonesian News - NHK WORLD RADIO JAPAN
Asumsi Bersuara
Actionesia
Sains Sekitar Kita
TemuKonco Podcast
Player FM logo
Bantuan/FAQ | Tingkatkan | Mengiklankan
Seni|Bisnis|Komedi|Ekonomi|Hiburan|Berita|Politik|Agama
Ilmu Pengetahuan|Sepak Bola|Olah raga|Cerita|Teknologi|Kejahatan
Hak Cipta 2025 | Peta Situs | Kebijakan Privasi | Ketentuan Layanan | | hak cipta
Episode being played series thumbnail
icon icon
Kecepatan
Pengaturan Seri
1x
1x
Volume
100%
icon
icon icon
/

Lihat Player FM di ...
Player FM
Browser
Chrome
Safari
Firefox
Dengarkan acara ini sambil menjelajah
Putar