What is a Browser Security Sandbox?! (Learn to Hack Firefox)

What is a Browser Security Sandbox?! (Learn to Hack Firefox)

Channel:
United States LiveOverflow
Subscribers:
920,000
Published on ● Video Link: https://www.youtube.com/watch?v=StQ_6juJlZY


Duration: 18:06
135,513 views
8,393

It's surprisingly easy to do security research on Firefox trying to find sandbox escapes. You should give it a try!

Long video version (stream Q&A): https://www.youtube.com/watch?v=VEaoDFdq95g

The Original Article: https://blog.mozilla.org/attack-and-defense/2021/04/27/examining-javascript-inter-process-communication-in-firefox/
Fuzzing IPC: https://blog.mozilla.org/attack-and-defense/2021/01/27/effectively-fuzzing-the-ipc-layer-in-firefox/
Mozilla Bug Bounty: https://www.mozilla.org/en-US/security/client-bug-bounty/

00:00 - Intro
01:44 - What is a Process Sandbox?
03:04 - How to Implement a Sandbox?
03:43 - Introducing Inter Process Communication (IPC)
05:17 - Why Browsers Need a Complex Sandbox Architecture
07:19 - Browser Exploitation requires Sandbox Escape
08:42 - Strategy 1: OS Sandbox Implementation Bypass
08:59 - Strategy 2: Attacking the IPC Implementation Layer
09:48 - Strategy 3: IPC Logic Bugs
10:10 - HTML/JS Components in Firefox
11:21 - IPC Messages Implemented in JavaScript
11:58 - Setting Up Firefox Nightly For Debugging
13:20 - alert() IPC Message Handler
14:04 - IPC Message Sender
15:21 - Send Malicious IPC Messages
16:12 - CVE-2019-11708 Prompt:Open Sandbox Escape
17:13 - Outro

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/



Other Videos By LiveOverflow


2021-09-19Developing a Tool to Find Function Pointers on The Heap | Ep. 10
2021-09-12What Ethereum Smart Contract Hacking Looks Like
2021-09-04Discussing Heap Exploit Strategies for sudo - Ep. 09
2021-08-28"Controversial Security" // BSides Berlin 2021
2021-08-26using z3 to reverse a custom hash during a CTF be like #shorts
2021-08-19can you hack this screenshot service?? - CSCG 2021
2021-08-11C Code Review - Reaching Vulnerable Code in sudo | Ep. 08
2021-07-31DO NOT USE alert(1) for XSS
2021-07-24Understanding C Pointer Magic Arithmetic | Ep. 07
2021-07-17Crazy Steam Phishing Page
2021-07-10What is a Browser Security Sandbox?! (Learn to Hack Firefox)
2021-07-02Root Cause Analysis With AddressSanitizer (ASan) | Ep. 06
2021-06-25Found a Crash Through Fuzzing? Minimize AFL Testcases! | Ep. 05
2021-06-18Understand Security Risk vs. Security Vulnerability!
2021-06-11Finding Buffer Overflow with Fuzzing | Ep. 04
2021-06-04Hacker Culture Meritocracy?
2021-05-22Troubleshooting AFL Fuzzing Problems | Ep. 03
2021-05-15Pentesting vs. Bug Bounty vs. Pentesting ???
2021-05-08How Fuzzing with AFL works! | Ep. 02
2021-04-29Why Pick sudo as Research Target? | Ep. 01
2021-04-22How SUDO on Linux was HACKED! // CVE-2021-3156


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
firefox
bug bounty
mozilla
browser sandbox
IPC
inter process communication
seccompt
linux
browser security
exploit kit
sandbox escape
prompt:open
browser 0day
zero day
CVE
security research
freddyb
firefox nightly
mozilla firefox
firefox security
google chrome
zerodium
pwn2own