From Crash To Exploit null Pune Humla 16 January 2016 From Crash To Exploit
Abstract
From Crash to Exploit: CVE-2015-6086 - Out of Bound Read/ASLR Bypass
Agenda
01. Introduction Out of Bound Read bugs
02. Crash Demonstration
03. Understanding the bug
04. WinDbg-Fu
05. Root Cause Analysis
06. Exploitation Challenges
07. Planning Exploitation Strategy
08. Understanding Heap Allocator
09. Massaging the Heap
10. Bypassing Address Space Layout Randomization
11. Q/A & Feedback
Speaker
Ashfaq Ansari is the founder of HackSys Team code named "Panthera". He is a Security Researcher with experience in various aspects of Information Security. He has authored "HackSys Extreme Vulnerable Driver" and "Shellcode of Death". He has also written and published various whitepapers on low level software exploitation. His core interest lies in "Low Level Exploitation", "Reverse Engineering", "Program Analysis" and "Hybrid Fuzzing". He is a fanboy of Artificial Intelligence and Machine Learning. He is the chapter lead for null (Pune).
Timing
Starts at Saturday January 16 2016, 10:00 AM. The sessions runs for about 8 hours.