The Language of Trust: Exploiting Trust Relationships in Active Content Mark Dowd, Ryan Smith

Channel:
United States All Hacking Cons
Subscribers:
5,970
Published on ● Video Link: https://www.youtube.com/watch?v=7333lETY-X4


Duration: 1:10:54
18 views
0

The Language of Trust: Exploiting Trust Relationships in Active Content

Interactive content has become increasingly powerful and more flexible over the last few years, with major functionality additions appearing in several web-based technologies such as Javascript, .NET, and via browser plugins. These functionality changes coupled with increasingly complex cross-communication layers has created a nuanced and precarious trust layer between many different previously unrelated components.

This presentation attempts to address the issue of trust in the context of active content, and how it is is more complicated than it might first appear. We will demonstrate the exploitation of these trust relationships at different levels of applications, from subverting architectural security controls to memory corruption vulnerabilities that lead to arbitrary execution.

Black Hat - USA - 2009 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2021-12-29Reversing and Exploiting an Apple Firmware Update K Chen
2021-12-29State of the Art Post Exploitation in Hardened PHP Environments Stefan Esser
2021-12-29Post Exploitation Bliss Loading Meterpreter on a Factory iPhone Vincenzo Iozzo, Charlie Miller
2021-12-29Ofir Arkin Introducing X Playing Tricks with ICMP
2021-12-29Jeff Nathan and Kevin Depeugh Layer 2 Attacks
2021-12-29Job de Haas GSM WAP and SMS Security
2021-12-29JD Glaser JDs Toolbox Fire and Ice
2021-12-29Dan Veeneman Wireless Overview Protocols and Threat Models
2021-12-29Panel Vulnerability Disclosure What the Feds Think
2021-12-28Welcome and Introduction to Black Hat USA 2009 Jeff Moss Black Hat - USA - 2009
2021-12-28The Language of Trust: Exploiting Trust Relationships in Active Content Mark Dowd, Ryan Smith
2021-12-28Recoverable Advanced Metering Infrastructure Mike Davis Black Hat - USA - 2009
2021-12-28Attacking SMS Zane Lackey, Luis Miras Black Hat - USA - 2009
2021-12-28Deactivate the Rootkit Alfredo Ortega Black Hat - USA - 2009
2021-12-28Is Your Phone Pwned Kevin Mahaffey, Anthony Lineberry, John Hering Black Hat - USA - 2009
2021-12-28Meet the Feds Feds vs Ex Feds Panel Black Hat - USA - 2009
2021-12-28Defensive Rewriting Bryan Sullivan Black Hat - USA - 2009
2021-12-28Automated Malware Similarity Analysis Daniel Raygoza Black Hat - USA - 2009
2021-12-28Beckstrom’s Law Rod Beckstrom Black Hat - USA - 2009
2021-12-28Demystifying Fuzzers Michael Eddington Black Hat - USA - 2009
2021-12-28Johnny Long Me to We Johnny Long Black Hat - USA - 2009


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
virus
information
hack
online
code
web
concept
thief
protection
scam
fraud
malware
secure
identity
phishing
software
access
safety
theft
system
firewall
communication
business
privacy
binary
account
spy
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
Mark Dowd
Ryan Smith
David Dewey