Why UAF'ter Calc? image

Why UAF'ter Calc?

June 10th 2017 19:00 - 19:45
Main Event Hall

Desktop applications have been rapidly migrating to the web over the past few years. As a result, web browser technologies, such as Chrome and Electron, have become the main client-side component for many popular applications (i.e. Slack). Unfortunately, these same technologies have evolved into extremely large and complex code-bases and therefore come with an equally large attack surface. Therefore, it is critical that these technologies be rigorously tested for security flaws. However, the task of finding bugs in browsers may seem overwhelming at first, but I will demonstrate that it may be simpler than it seems. In this talk we will explore bugs in real software that people use everyday. We'll go through exploitation of real life bugs in browsers and show the typical goals of exploiting a use-after-free bug.

Jean-Marc Le Blanc avatar
Jean-Marc Le Blanc

Jean-Marc Le Blanc (@hoomoose1337: https://twitter.com/hoomoose1337 ) has worked for several major security enterprises for the past 6 years including Google and CSEC as a reverse engineer and vulnerability researcher. On top of his professional security research, he has done a lot of personal vuln...

0 comments

This website uses cookies. By continuing to browse you agree to this and Conferize's terms of service.