Home
Add Document
Sign In
Create An Account
Exploiting Unicode-enabled software - Black Hat
Recommend Documents
Exploiting Out-of-Order-Execution - Black Hat
Jun 19, 2015 - 7. Conclusion. 06/19/2015. Exploiting Out-of-Order-Execution. 9/46 ... Channel & noise amplifies in a
Exploiting Live Virtual Machine Migration - Black Hat
Feb 21, 2008 - Software attacks (weak VMM isolation) ... Unauthenticated, insecure migration data plane ... Manipulate t
Attacking Internationalized Software - Black Hat
Oct 6, 2006 - Every application uses internationalization (whether you know it or not!) â A great deal of research pot
Attacking Internationalized Software - Black Hat
Oct 6, 2006 - Every application uses internationalization (whether you know it or not!) ... Background â International
Hardware is the New Software - Black Hat
index.php?main_page=product_info&cPath=8&products ... Ex.: Advanced Assembly, www.aapcb.com .... administrator a
Exploiting the random number generator to bypass ASLR - Black Hat
Jan 23, 2009 - A flaw in the random number generator calling function can be used to ... Address Space Layout Randomizat
Reversing and Exploiting an Apple Firmware Update - Black Hat
Jul 30, 2009 - Delegate method: applicationDidFinishLaunching: ..... chunks with the ith chunk XOR-ed with the 1's compl
Reversing and Exploiting an Apple Firmware Update - Black Hat
Jul 30, 2009 - Apple's keyboards. Firmware bugs. 2. Firmware Update. 3. Analysis. 4. Exploitation. K. Chen. Reversing an
Reversing and Exploiting an Apple Firmware Update - Black Hat
Jul 30, 2009 - âa person who has lawfully obtained the right to use a copy of a computer program may circumvent a tech
SVG - Exploiting Browsers without Image Parsing Bugs - Black Hat [PDF]
Aug 7, 2014 - Using SVG with HTML. SVG features. 2 Attacking SVG. Attack surface. Security model. Security model violations. 3 Content Security Policy.
Reversing C++ - Black Hat
Increasing use of C++ code in malware .... test eax, eax ; eax = address of allocated memory ..... Developed in Python .
Jemalloc - Black Hat
... a userland memory allocator that is being increasingly adopted by software projects as a high performance heap manag
SAP® Backdoors - Black Hat
Apr 14, 2010 - Backdoors in the Authentication Procedure. â« Onapsis Integrity .... No CRC or signature check on the st
pdf attack - Black Hat
Analyzing obfuscated Javascript code. â The âeasyâ way ... s/eval/print/. â Hooking the eval function with Javas
Publication - Video - Black Hat
is, inject frame busting code when the user agent is an iPhone or Android and do not inject it if the browser is an olde
Craig Balding - Black Hat
Python VM. Justin Ferguson ... Pen-testing Scope ... Hook API. Divert Attachments. Client > EC2 > S3. Stored in Pl
Timing Attacks - Black Hat
Aug 7, 2014 - The Arduino Mega is a popular device whose processor operates at 16 MHz. We measured the processing time f
Veiled - Black Hat [PDF]
2. What is a Darknet? A private network where users can freely exchange ideas and content. Darknets ... Server/Client Peer-2-Peer ... HTML 5 Features.
Unicode Security - Black Hat
support for many popular languages, but weren't designed for high-quality typography .... and even Javascript use escape
1 Introduction - Black Hat
The benefit of this approach is openness and flexibility. ... As this becomes commonplace in software, one must have a m
Hacking Russia - Black Hat
Hacking Russia: Inside an. Hacking Russia: Inside an unprecedented prosecution of organized cybercrime. Joseph Menn ...
SAP® Backdoors - Black Hat
Apr 14, 2010 - Web Intelligence, Xcelsius and other Business Objects products and services ... Development of specialize
Lockpicking Forensics - Black Hat
In this regard, the forensic locksmith identifies the method of entry, tools used, skill level of ..... radically differ
WebMail Forensics - Black Hat
Auto-completion ... Sending a message does not since the browser doesn't display the sent ... In addition to standard em
Exploiting Unicode-enabled software - Black Hat
Download PDF
0 downloads
249 Views
2MB Size
Report
Comment
. Can be nastier: ....
....
Unraveling Unicode: A Bag of Tricks for Bug Hunting Black Hat USA July 2009
Chris Weber www.lookout.net
[email protected]
Casaba Security
Can you tell the difference?
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
How about now?
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
The Transformers When good input turns bad
becomes
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Agenda
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Unicode Transformations Agenda
• • • •
Unicode crash course Root Causes Attack Vectors Tools – Find Unicode issues in Web-testing – Visual Spoofing Detection
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Unicode Transformations Agenda
• • • •
Unicode crash course Root Causes Attack Vectors Tools
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Unicode Crash Course The Unicode Attack Surface
• • • • •
End users Applications > "onerror="alert(1)"
becomes
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Root Causes Guidance for Charset Mismatches
• Force UTF-8 • Error if uncertain
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Unicode Transformations Agenda
• • • •
Unicode crash course Root Causes Attack Vectors Tools
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Unicode Transformations Agenda
• • • •
Unicode crash course Root Causes Attack Vectors Tools
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Tools • Watcher – Passive Web-app security testing and auditing
• Unibomber – XSS autopwn testing tool
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Tools Watcher – Some of the Passive Checks Included • • • • • • • • • •
Unicode transformation hot-spots User-controlled HTML Cross-domain issues Insecure cookies Insecure HTTP/HTTPS transitions SSL protocol and certificate issues XSS hot-spots Flash issues Silverlight issues Information disclosure
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Tools
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Tools Watcher - Web-app Security Testing and Auditing
http://websecuritytool.codeplex.com
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Tools Unibomber– runtime XSS testing tool
• Deterministic testing • Auto-inject payloads • Unicode transformers – < > ‘ “, etc.
• Detect transformations and encoding hotspots
Black Hat USA - July 2009
www.casabasecurity.com
© 2009 Chris Weber
Thank you! Casaba Security www.casabasecurity.com Chris Weber Blog: www.lookout.net Email:
[email protected]
LinkedIn: http://www.linkedin.com/in/chrisweber
Suggest Documents
Exploiting Out-of-Order-Execution - Black Hat
Read more
Exploiting Live Virtual Machine Migration - Black Hat
Read more
Attacking Internationalized Software - Black Hat
Read more
Attacking Internationalized Software - Black Hat
Read more
Hardware is the New Software - Black Hat
Read more
Exploiting the random number generator to bypass ASLR - Black Hat
Read more
Reversing and Exploiting an Apple Firmware Update - Black Hat
Read more
Reversing and Exploiting an Apple Firmware Update - Black Hat
Read more
Reversing and Exploiting an Apple Firmware Update - Black Hat
Read more
SVG - Exploiting Browsers without Image Parsing Bugs - Black Hat [PDF]
Read more
Reversing C++ - Black Hat
Read more
Jemalloc - Black Hat
Read more
SAP® Backdoors - Black Hat
Read more
pdf attack - Black Hat
Read more
Publication - Video - Black Hat
Read more
Craig Balding - Black Hat
Read more
Timing Attacks - Black Hat
Read more
Veiled - Black Hat [PDF]
Read more
Unicode Security - Black Hat
Read more
1 Introduction - Black Hat
Read more
Hacking Russia - Black Hat
Read more
SAP® Backdoors - Black Hat
Read more
Lockpicking Forensics - Black Hat
Read more
WebMail Forensics - Black Hat
Read more
×
Report "Exploiting Unicode-enabled software - Black Hat"
Your name
Email
Reason
-Select Reason-
Pornographic
Defamatory
Illegal/Unlawful
Spam
Other Terms Of Service Violation
File a copyright complaint
Description
×
Sign In
Email
Password
Remember me
Forgot password?
Sign In
Our partners will collect data and use cookies for ad personalization and measurement.
Learn how we and our ad partner Google, collect and use data
.
Agree & close
![SVG - Exploiting Browsers without Image Parsing Bugs - Black Hat [PDF]](https://m.moam.info/img/260x300/svg-exploiting-browsers-without-image-parsing-bugs_647d8875098a9e464d8b4668.jpg)
![Veiled - Black Hat [PDF]](https://m.moam.info/img/260x300/veiled-black-hat-pdf_649fd267098a9e7f1a8b46e8.jpg)
