Showing Articles About
cansecwest
-
Georgi Geshev Robert Miller - 13 Jun 2018
Chainspotting: Building Exploit Chains with Logic Bugs
A presentation explores the development of an exploit chain involving 11 logic bugs across 6 Android applications. The study demonstrates how logic vulnerabilities can be chained together to achieve malicious actions like silent APK installation. Techniques for discovering and exploiting logic bugs in Android systems are discussed, highlighting the challenges of complex vulnerability chaining.
- Nils Jon Butler
- 6 Mar 2013
Pwn2Own at CanSecWest 2013
MWR Labs demonstrated a full sandbox bypass exploit against Google Chrome at Pwn2Own 2013. The exploit leveraged vulnerabilities to gain code execution in the renderer process and bypass ASLR and DEP protection mechanisms. Memory address leakage techniques were used to execute arbitrary commands outside the browser sandbox.
- 30 Mar 2010
CanSecWest 2010
CanSecWest 2010 was a cybersecurity conference featuring notable security research presentations and the Pwn2Own hacking contest. Presentations covered diverse topics including collaborative reverse engineering, fuzzing techniques, kernel vulnerabilities, and wireless device security. The Pwn2Own contest demonstrated successful exploits across multiple web browsers and mobile platforms.