Slide 1
Slide 1
Slide 1
Slide 1
Slide 1
Slide 1

PRESENTATION MATERIALS

PHOTOS / VIDEOS

Official conference photos and HD videos will be made available in the next 2-3 weeks. Please follow @hitbsecconf on Twitter for links or join our Facebook Group

Steven Seeley (Senior Penetration Tester, Stratsec BAE)

PRESENTATION TITLE: Ghost in the Windows 7 Allocator

PRESENTATION ABSTRACT:

Windows 7 introduced many new security mechanisms regarding the use of the front end allocator. In an attempt to mitigate many of yesterday’s attacks, new, complicated functionality can be abused to place the heap manager into a unexpected state. With every new heap manager revision, security is often enhanced minimizing specific metadata attacks and incrementally increasing their requirements. The metadata attacks of today now facilitate application data attacks directly.

This presentation will begin by detailing Windows XP and Windows 7 heap data structures and core algorithms. Following that, the author will walk through past (un)famous windows heap exploitation techniques and present a new, undisclosed exploitation technique against the Low Fragmentation Heap known as the ‘depth De-sync/Offset match attack’.

ABOUT STEVEN SEELEY

Steven Seeley is a senior penetration tester and security researcher for Stratsec BAE, Australia. In his spare time, Steven conducts vulnerability research enjoys reverse engineering. Lately, Steven has focused his research attention to discovering new attack vectors against window 7′s heap manager.

Okura Hotel Amsterdam
Ferdinand Bolstraat 333, 1072 LH Amsterdam,
The Netherlands

1-Day Intensive Training Sessions – 21st of May / 0900 – 1800

 

SPECIAL OPS 1  - WIRELESS SECURITY KUNGF00

SPECIAL OPS 2  – THE ART OF EXPLOITING SQL INJECTION FLAWS

SPECIAL OPS 3 – MOBILE APPLICATION HACKING – ATTACK & DEFENSE



2-Day Hands on Training Sessions – 22nd – 23rd of May / 0900 – 1800

TECH TRAINING 1  – HUNTING WEB ATTACKERS

TECH TRAINING 2  – ADVANCED LINUX EXPLOITATION METHODS

TECH TRAINING 3  - ADVANCED APPLICATION HACKING – ATTACKS, EXPLOITS & DEFENSE

 

 



3-Day Hands on Training Sessions – 21st, 22nd & 23rd of May / 0900 – 1800

TECH TRAINING 4  – THE EXPLOIT LABORATORY: ADVANCED EDITION




QUAD TRACK CONFERENCE – 24th & 25th of May / 0900 – 1800

Featuring keynotes by BRUCE SCHNEIER and ANDY ELLIS



EVENT ORGANIZER

LOCAL PARTNER

PLATINUM SPONSORS

GOLD SPONSORS

TITANIUM SPONSOR (POST CONFERENCE RECEPTION + SPEAKER RECEPTION)

SILVER SPONSOR

HACKWEEKDAY SPONSOR

ALCO_PWN SPONSOR (POST CONFERENCE RECEPTION)

HITB LAB / SIGINT SPONSOR

NETWORK SPONSORS AND UPLINK

ADDITIONAL SUPPORT BY

SUPPORTING MEDIA

FRIENDS OF HITB

Copyright © 2012 Hack In The Box | http://www.hackinthebox.org

( / 10 )