Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
コンテンツは Black Hat and Jeff Moss によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Black Hat and Jeff Moss またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Player FMアプリでオフラインにしPlayer FMう!
Yuji Ukai: Environment Dependencies in Windows Exploitation(Japanese)
Manage episode 155121172 series 1146743
コンテンツは Black Hat and Jeff Moss によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Black Hat and Jeff Moss またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
"In the case of vulnerabilities which allow the execution of arbitrary machine code, the reliability of exploitation is swayed by the type of vulnerability, the conditions surrounding the vulnerable code, and the attack vector, among other considerations. The reliability of exploitation an important factor for those attempting to exploit a vulnerability'especially so for worm and virus writers'so therefore it is also an important consideration for the threat analysis of security vulnerabilities. In Japan, some public institutions and non-governmental enterprises are providing detailed information and threat analyses of vulnerabilities, exploits, and worms. Because the majority of the systems in Japan run the Japanese version of Windows, the analysis and consideration of language-specific dependencies are very important factors for both the providers and consumers of such information in Japan, especially in case of the worms. Since one of highest priorities of a worm is to propagate as far as possible, some recent worms have employed techniques that avoid language and version dependencies, such as choosing return addresses that can be used across multiple language versions of Windows. In this presentation, the discussion of detailed and practical techniques to achieve environment independence will be avoided, but, at least understanding the technical overview and potentiality of these techniques is important for both providing proper threat analyses, and understanding them in depth. In Black Hat USA 2004, as part of our threat analysis research, we discussed return address discovery using context-aware machine code emulation'namely, our EEREAP project' which is intended to help prove whether universal return addresses exist. In Black Hat Japan 2004, we will expand on this presentation, and we will both explore the risk factors that aid in the avoidance of language and version dependencies, and show how to mitigate these risks. Yuji Ukai is a researcher and senior software engineer with eEye Digital Security. After completing his Ph.D. in computer science at the National University of Tokushima, he began his employment at an appliance vendor in Japan where he developed embedded operating systems. Over the last several years he has discovered several important security holes affecting various software products (Workstation Service and LSASS for Windows, etc) as well as pioneered new trends in wireless security technologies."
…
continue reading
22 つのエピソード
Yuji Ukai: Environment Dependencies in Windows Exploitation(Japanese)
Black Hat Briefings, Japan 2004 [Audio] Presentations from the security conference
Manage episode 155121172 series 1146743
コンテンツは Black Hat and Jeff Moss によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Black Hat and Jeff Moss またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
"In the case of vulnerabilities which allow the execution of arbitrary machine code, the reliability of exploitation is swayed by the type of vulnerability, the conditions surrounding the vulnerable code, and the attack vector, among other considerations. The reliability of exploitation an important factor for those attempting to exploit a vulnerability'especially so for worm and virus writers'so therefore it is also an important consideration for the threat analysis of security vulnerabilities. In Japan, some public institutions and non-governmental enterprises are providing detailed information and threat analyses of vulnerabilities, exploits, and worms. Because the majority of the systems in Japan run the Japanese version of Windows, the analysis and consideration of language-specific dependencies are very important factors for both the providers and consumers of such information in Japan, especially in case of the worms. Since one of highest priorities of a worm is to propagate as far as possible, some recent worms have employed techniques that avoid language and version dependencies, such as choosing return addresses that can be used across multiple language versions of Windows. In this presentation, the discussion of detailed and practical techniques to achieve environment independence will be avoided, but, at least understanding the technical overview and potentiality of these techniques is important for both providing proper threat analyses, and understanding them in depth. In Black Hat USA 2004, as part of our threat analysis research, we discussed return address discovery using context-aware machine code emulation'namely, our EEREAP project' which is intended to help prove whether universal return addresses exist. In Black Hat Japan 2004, we will expand on this presentation, and we will both explore the risk factors that aid in the avoidance of language and version dependencies, and show how to mitigate these risks. Yuji Ukai is a researcher and senior software engineer with eEye Digital Security. After completing his Ph.D. in computer science at the National University of Tokushima, he began his employment at an appliance vendor in Japan where he developed embedded operating systems. Over the last several years he has discovered several important security holes affecting various software products (Workstation Service and LSASS for Windows, etc) as well as pioneered new trends in wireless security technologies."
…
continue reading
22 つのエピソード
すべてのエピソード
×プレーヤーFMへようこそ!
Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。