BlueHat IL 2018 - Jordan Rabet - Browser Security Beyond Sandboxing
https://youtu.be/sheeWKC6CuM
🕴🏼 @Phantasm_Lab
Security is now a strong differentiator in picking the right browser - a single compromise through a web browser can have catastrophic results. Much of recent browser security development has been focused on improving sandboxing, but we can't lose sight of how damaging remote code execution (RCE) exploits can be, even when they remain contained to a single process. This talk will interactively walk through the discovery of RCE bugs in Google's Chrome browser, the exploitation of one of them, and finally, the capabilities a savvy attacker can attain from that, culminating in a live pwning demo.https://youtu.be/sheeWKC6CuM
🕴🏼 @Phantasm_Lab
YouTube
BlueHat IL 2018 - Jordan Rabet - Browser Security Beyond Sandboxing
Security is now a strong differentiator in picking the right browser - a single compromise through a web browser can have catastrophic results. Much of recen...
BlueHat IL 2018 - Saar Amar - Linux Vulnerabilities Windows Exploits: Escalating Privileges with WSL
https://youtu.be/3deJvbBHET4
🕴🏼 @Phantasm_Lab
WSL (Windows Subsystem for Linux) is an impressive mechanism integrated recently into the Windows 10 kernel. This subsystem allows Linux executables to run without modifications on a Windows machine, using the same system calls, file system layout and executable format — an enormous attack surface by all means. Like any other new, large, and complex codebase, it is a greenfield for vulnerability researchers, hindered only by the lack of documentation, and by a single massive .sys file just waiting to be reverse engineered.https://youtu.be/3deJvbBHET4
🕴🏼 @Phantasm_Lab
YouTube
BlueHat IL 2018 - Saar Amar - Linux Vulnerabilities Windows Exploits: Escalating Privileges with WSL
WSL (Windows Subsystem for Linux) is an impressive mechanism integrated recently into the Windows 10 kernel. This subsystem allows Linux executables to run w...