Source code vulnerability research and browser exploitation

Back to the list of Speakers and Sessions

Every day, most people who uses a computer will either run applications on untrusted networks (like public wifi) or run application that will run untrusted scripts on their machine. Whether it is a browser running javascript, a cryptocurrency’s smart contracts or even a script from a map or game mod, scripting engines like these tend to have large attack surface for vulnerabilities and they are usually quite exploitable especially when they are use after free bugs. How ever, finding these bug in large open source projects can be a bit intimidating.

In this talk I will present various tools that I used for finding vulnerabilities in open source software. I will try to demonstrate the various bug patterns and how I look for them using examples in everyday software. I will explain how to go from a bug to a vulnerable bug.

Finally, I will explain what is use-after-free (auf) and the bug patterns to look for. Use uaf bugs can be quite tricky to find and quite complicated to exploit. But can be quite dangerous if an attacker understands them well. To demonstrate how powerful uaf in a scripting engine can be, I will walk the audience through a uaf in a modern browser bugs and the some techniques used to exploit them.