|
Black Hat Europe 2015 - Exploiting Adobe Flash Player In The Era Of Control Flow Guard |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Black Hat Europe 2015 - Exploiting Adobe Flash Player In The Era Of Control Flow Guard Par SecurityTube.NetLe [2016-03-14] à 14:49:56
Présentation : Adobe Flash Player, one of the most ubiquitous pieces of software, is integrated into the operating system on Windows 8.1 and Windows 10. Along with the introduction of Control Flow Guard CFG - Microsoft's newest exploit mitigation technology - in November 2014, Flash Player binaries provided by Microsoft are now protected by CFG, which adds a check before every indirect call in the code in order to verify that the destination address of that call is one of the locations identified as safe at compile time. Gaining code execution isn't as simple as overwriting the vtable of an object and calling one of its virtual methods anymore. We'll start this presentation by discussing an exploitation technique which leverages the Flash Player's JIT compiler in order to bypass CFG, and how Microsoft and Adobe have hardened Flash Player's JIT compiler against this technique in the June 2015 security updates. Then, we are going to discuss three practical data-only attacks, showing how it is possible to take advantage of vulnerabilities in Flash Player while avoiding the mess of having to deal with CFG. One of these alternative payloads makes it possible to execute arbitrary commands on the vulnerable system without injecting shellcode nor using ROP. Interestingly, detecting and protecting against these data-only attacks can be challenging. Although this talk is focused on the challenges of exploiting Flash Player vulnerabilities on CFG-enabled systems, the techniques and ideas discussed here may be applied against other software. For More Information Please Visit - https www.blackhat.com index.html
Les mots clés de la revue de presse pour cet article : adobe flash Les videos sur SecuObs pour les mots clés : adobe flash Les éléments de la revue Twitter pour les mots clé : adobe flash
Les derniers articles du site "SecurityTube.Net" :
- TROOPERSCON - Crypto code the 9 circles of testing - TROOPERSCON - Towards a LangSec Aware SDLC - TROOPERSCON - Deep dive into SAP archive file formats - TROOPERSCON - Thanks SAP for the vulnerabilities. Exploiting the unexploitable - TROOPERSCON - An easy way into your multi-million dollar SAP systems An unknown default SAP account - TROOPERSCON - One Tool To Rule Them All - TROOPERSCON - Mind The Gap - Exploit Free Whitelisting Evasion Tactics - TROOPERSCON - The Chimaera Processor - TROOPERSCON - Lets Play Hide and Seek in the Cloud - TROOPERSCON - Planes, Trains and Automobiles The Internet of Deadly Things
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|