Understanding MS Word OLE Exploit Primitives

Presented at ToorCon San Diego 17 (2015), Oct. 25, 2015, 3:30 p.m. (20 minutes)

Until November 2013 (CVE-2013-3906), vulnerabilities within Object Linking & Embedding (OLE) were not publicly disclosed. This changed at BlackHat USA 2015 when Haifei & Bing presented “Attacking Interoperability: An OLE Edition”, which examined the internals of OLE. Over the past few months, several malware campaigns targeting high-profile organizations were discovered to be exploiting separate flaws within OLE objects, using exploitation tactics similar to those seen in the original CVE-2013-3906 malware sample. This talk aims to provide in-depth coverage of the techniques used to exploit these types of issues and a full-stack introduction to the underlying object structures. At the end of the talk, attendees will understand the exploit development lifecycle of this class of vulnerability, and how to identify and analyze such exploits within MS Word document files.

Presenters:

  • Dominic Wang
    Dominic Wang is a consultant at NCC Group. Prior to NCC Group, he was a consultant at Matasano Security. Dominic has been a part of a wide range of security assessments. He has assessed the security of applications developed on a diverse set of platforms. Furthermore, he specialized in reverse engineering and exploit development on major platforms and applications.
