Prateek Gianchandani
[Xen1thlabs]
Prateek Gianchandani is currently working as a Security Researcher at xen1thLabs.

His current focus is Mobile and Browser Security. He is also the author of the open-source vulnerable application named Damn Vulnerable iOS app.

He has presented and trained at many international conferences including Defcon, BlackHat USA, Brucon, Hack in Paris, PHDays, Appsec USA, etc.

In his free time, he blogs at http://highaltitudehacks.com and can be found tinkering around the XNU kernel.

Tutorial: Webkit Exploitation Workshop

Technical Level (3 being the highest score): 2

This workshop will give attendees an introduction to the world of Browser exploitation. We begin with an introduction to the Browser architecture and the different security mitigations in place. We will then learn how to set up a test environment using the open-source builds of different browser engines.

We will then learn how to identify, analyze and exploit vulnerabilities in the WebKit browser engine.

We will focus mostly on WebCore and JavaScriptCore. We will understand how objects are allocated and stored in memory, followed by how JIT compilers work, and then learn how a type confusion vulnerability can be exploited to obtain the initial addrof() and fakeobj() primitives, leading to shellcode execution on an unpatched Safari instance.

Modern Browser Security - The First line of Defense

Technical Level (3 being the highest score): 2

Web Browsers form the first line of defense in a remote attack.

Because of their popularity and the rapid pace at which they change to deliver new features to consumers, browsers present a wide attack surface and are frequently targeted. With our focus on Safari's WebKit, we will learn how to identify, analyze and exploit vulnerabilities in its two major components: WebCore and JavaScriptCore.

We will understand how objects are allocated and stored in memory, followed by how JIT optimizations work.

We will then discuss how JIT optimization can be abused to find vulnerabilities. We will discuss certain exploit primitives (addrof and fakeobj) and how arbitrary read/write can be achieved using those primitives. We will look at some of the latest mitigations introduced in recent versions of WebKit and their impact on exploitation.

The talk will conclude with some techniques for effectively fuzzing the JavaScript engine using grammar-based fuzzing in order to find exploitable vulnerabilities.

Secure your place now!