Free courses from frontend to fullstack and AI
2,000+ Free Courses with Certificates: Coding, AI, SQL, and More
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore generic methods to bypass StructureID Randomization mitigation in this 22-minute Black Hat conference talk. Delve into new techniques that enable attackers to construct addrOf/fakeObj primitives and gain arbitrary Read/Write abilities. Learn about old-school approaches that differ from bug-specific and JIT compiler-related bypass methods. Gain insights into the design of more effective mitigations as speaker Yong Wang presents these concepts, which have not been thoroughly covered in previous talks. The presentation covers topics such as general bypass techniques, prototype manipulation, layout attacks, and potential problems, concluding with a summary and references for further study.
Syllabus
Introduction
General bypass
Question
Prototype
TruthString
Simple Prototype
Converting
Layout
Attack
Objector
Potential Problem
Summary
References
Taught by
Black Hat