hellok · December 15, 2015 04:38
diff --git a/cansecwest_2013 b/cansecwest_2013
 http://cansecwest.com/csw13archive.html

 article:
 1.An Android Hacker's Journey
 //Ecosystem
 //Attack Surface:Like an ocean…
 //for book:Android Hacker’s Handbook

 2.Reflecting on Reflection - Exploiting Reflection Vulnerabilities in Managed Languages
 //.net&&java exploit

 3.Godel's Gourd - Fuzzing for Logic Issues
 - Mike "dd" Eddington (@sockstail) Author of Peach, an open source fuzzer
 //OCL && how to fuzz for logic issues

 4.iOS6.1 - Exploitation 280 Days Later
 - Stephan Esser (@i0n1c)
 What is this talk about?
 • iOS 6 is the new major version of iOS with tons of new security features
 •
 new kernel security mitigations already discussed by Mark Dowd/Tarjei Mandt
 •
 but iOS 6.x has other not yet mentioned new security features
 •
 and some kernel features require commentary
 •
 basically an update to my CSW 2012 talk

 5.Analysis of a Windows Kernel Vulnerability; From Espionage to Criminal Use
 - Julia Wolf (@foxgrrl)

 6.Sandbox Escapes: When the Broker is Broken
 - Peter Vreugdenhil (@WTFuzz)
 //
 Goal of this talk
 • Explaining the code responsible for the 
 interesting parts of the Sandbox
 • Making it easier for other researchers to find 
 sandbox escapes
 • Show some potential sandbox escapes
 //
 Content
 • Sandbox basics
 • The Adobe Sandbox
 • Attack surface
 • Finding all Broker endpoints
 • Finding intercepted API functions
 • (Ab)using the broker to escape
	http://cansecwest.com/csw13archive.html

	article:
	1.An Android Hacker's Journey
	//Ecosystem
	//Attack Surface:Like an ocean…
	//for book:Android Hacker’s Handbook

	2.Reflecting on Reflection - Exploiting Reflection Vulnerabilities in Managed Languages
	//.net&&java exploit

	3.Godel's Gourd - Fuzzing for Logic Issues
	- Mike "dd" Eddington (@sockstail) Author of Peach, an open source fuzzer
	//OCL && how to fuzz for logic issues

	4.iOS6.1 - Exploitation 280 Days Later
	- Stephan Esser (@i0n1c)
	What is this talk about?
	• iOS 6 is the new major version of iOS with tons of new security features
	•
	new kernel security mitigations already discussed by Mark Dowd/Tarjei Mandt
	•
	but iOS 6.x has other not yet mentioned new security features
	•
	and some kernel features require commentary
	•
	basically an update to my CSW 2012 talk

	5.Analysis of a Windows Kernel Vulnerability; From Espionage to Criminal Use
	- Julia Wolf (@foxgrrl)

	6.Sandbox Escapes: When the Broker is Broken
	- Peter Vreugdenhil (@WTFuzz)
	//
	Goal of this talk
	• Explaining the code responsible for the
	interesting parts of the Sandbox
	• Making it easier for other researchers to find
	sandbox escapes
	• Show some potential sandbox escapes
	//
	Content
	• Sandbox basics
	• The Adobe Sandbox
	• Attack surface
	• Finding all Broker endpoints
	• Finding intercepted API functions
	• (Ab)using the broker to escape