HITB-Invoice-Logo

thank you for joining us!

Browser Hacking with ANGLE

Date

August 26, 2022

Time

15:00

Track

Main Track

This presentation gives the basic knowledge of the ANGLE project and examines how to use ANGLE in WebGL/WebGL2 of web browsers. In this talk we analyze the types of vulnerabilities and root causes that occurred in ANGLE and we analyze exploitable vulnerabilities and explain how to obtain RCE in macOS (iOS is also affected, but PAC bypass is not covered in this presentation.)

We will start with a basic introduction to WebGL / WebGL2 component and how to use ANGLE in your web browser followed by a look at the following vulnerabilities:

  • CVE-2021-30626 (chromium)
  • crbug.com/1266437 (chromium)
  • CVE-2022-26717 (Safari)

Speakers

Researcher

Theori

Jeonghoon Shin is a mentor of KITRI BoB and is interested in browser bug hunting & exploitation.

Other Talks in This Track

LOCATION

Main Track

DATE

August 26

TIME

09:00

LOCATION

Main Track

DATE

August 26

TIME

10:30

LOCATION

Main Track

DATE

August 26

TIME

14:00

LOCATION

Main Track

DATE

August 26

TIME

16:30