Archive for the talks Category

Level: Advanced Subject Matter

Abstract:
This talk will provide an introduction to the Linux kernel, the core component of an operating system, and its attack surface. The speaker will discuss the differences between userspace and kernel-space and the security implications of each. He will explain how attackers can exploit kernel vulnerabilities for privilege escalation and other malicious goals. The talk will cover the environment setup for kernel debugging, various types of kernel bugs and their impact, and different mitigations and bypasses that can be used to protect against kernel exploits. A ret2user exploit will be demonstrated, and the talk will conclude with a discussion of fuzzing the kernel and reporting bugs. Overall, this talk will provide a comprehensive overview of Linux kernel security.

Bio:
Ivor Canjuga is an undergraduate student at the Faculty of Electrical Engineering and Computer Science at the University of Maribor. He enjoys creating challenges for CTFs, particularly hard ones, and has experience in penetration testing and bug bounty programs. Ivor’s passion lies in binary exploitation, where he applies his skills to uncover vulnerabilities and exploits.

Video/recordings:

[Slides (PDF)] [Recording (MP4)]

Level: Advanced Subject Matter

The idea is to first explain in depth how dynamic memory management works in glibc, as well as what could go wrong in the process of allocating or freeing memory. We will take a look at heap-based buffer overflows, use-after-free vulnerabilities, and why these two are the leading cause of software-based exploits even in 2023, how other allocators (for example scudo) prevent them, and of course also how to exploit them in different scenarios and environments (this will be the live demo part). I will also present the protections that have been put in place by system software developers in order to try and restrict the damage that these vulnerability classes can cause if exploited successfully.

Bio:
Aleksander Mundjar is a CTF player, cybersecurity researcher, and college student.