Prateek Gianchandani
[Xen1thlabs]
Prateek Gianchandani is currently working as a Security Researcher at xen1thLabs.

His current focus is Mobile and Browser Security. He is also the author of the open-source vulnerable application named Damn Vulnerable iOS app.

He has presented and trained at many international conferences including Defcon, BlackHat USA, Brucon, Hack in Paris, PHDays, Appsec USA, etc.

In his free time, he blogs at http://highaltitudehacks.com and can be found tinkering around the XNU kernel.

Modern Browser Security - The First line of Defense

Technical Level (3 being the highest score): 2

Web Browsers form the first line of defense in a remote attack.

Because of its popularity and its rapidly changing landscape in order to provide consumers with the latest features, they form a wide attack surface and are often targeted. With our focus on Safari's Webkit, we will learn how to identify, analyze and exploit vulnerabilities in its two major components: WebCore and JavascriptCore.

We will understand how objects are allocated and stored in the memory followed by an understanding of how JIT optimizations work.

We will then discuss how JIT optimization can be abused to find vulnerabilities. We will discuss certain exploit primitives (addrof and fakeobj) and how we can achieve arbitrary read/write using those primitives. We will look at some of the latest mitigations introduced in recent versions of Webkit and its impact on exploitation.

The talk will conclude with some techniques on how to effectively fuzz the Javascript engine using Grammar based fuzzing in order to find exploitable vulnerabilities.

Secure your place now!