House of Heap Exploitation

Presented at DEF CON 30 (2022), Aug. 11, 2022, 2 p.m. (240 minutes)

Materials:

  • Laptop with enough power for a moderately sized Linux VM
  • Administrative access to the laptop
  • 8GB RAM minimum
  • 30GB hard drive space
  • VirtualBox or another virtualization platform installed

Prerequisites:

  • Basic computer science background (x86_64 assembly, the stack, programming skills in C and Python)
  • Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.)
  • Familiarity with Linux developer tools such as the command line, Python scripting and GDB

Presenters:

  • Nathan Kirkland
    Raised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee- (and tear-) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee-fueled sleepless nights later, he had earned the OSCP, and graduated high school a few months after that. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the kinds of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.
  • Kenzie Dolan - Security Engineer
    Kenzie Dolan (they/she) works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. Their current research interests include emerging threats against mobile and IoT devices. They have a degree in Computer and Information Science from the University of Oregon. In their free time, Kenzie enjoys composing music, playing video games or hiking in the greater Seattle area.
  • Zachary Minneker - Senior Security Engineer, Security Innovation
    Zachary Minneker is a senior security engineer and security researcher at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administering electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, IPC methods, and vulnerability discovery in electronic medical record systems and health care protocols. In his free time he works on music and synthesizers.
  • Maxwell Dulin / Strikeout - Security Engineer
    Maxwell Dulin (Strikeout) is a senior security consultant hacking all things under the sun, from garage doors to web applications to operating systems. Maxwell has published many articles and talks on a plethora of heap exploitation techniques, assorted web application exploits and IoT devices. He has previously spoken at DEF CON 27's IoT Village, ToorCon, CanSecWest, Hackfest and DEF CON workshops. His research is focused on custom RF protocols and binary exploitation methods. In his free time, he plays with RF toys, hikes to fire lookouts and catches everything at dodgeball.