Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the intricate world of Flash sandboxing technology in this Black Hat USA 2012 conference talk. Delve into the internals of three sandbox implementations for Adobe's Flash Player: Protected Mode Flash for Chrome, Protected Mode Flash for Firefox, and Pepper Flash. Gain insights into the high-level architecture of each sandbox implementation, understanding the roles of different processes and their interconnections. Examine the internal sandbox mechanisms, including restrictions, IPC protocols, and services exposed by higher-privileged processes. Analyze the security aspects, current limitations, and weaknesses of each implementation, and discover potential avenues for sandbox bypasses or escapes. Compare and contrast the various differences between these implementations throughout the presentation. Witness demonstrations of Flash sandbox escape vulnerabilities uncovered during the research process.
