The Layman's Guide to Zero-Day Engineering

A demystification of the exploit development lifecycle

Video duration: 00:57:03
Language: English
Abstract
There's a certain allure to zero-day exploits. At the apex of the security industry, these elusive technologies are engineered by a persistent few to open doors of software systems that were never meant to exist. We go behind-the-scenes to provide an inside look at the zero-day development lifecycle, breaking common misconceptions regarding this increasingly difficult tradecraft.

In this talk, we will discuss the engineering process behind a zero-day (https://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/) that was used to exploit Apple Safari at PWN2OWN 2018. Rather than placing an intense focus on the technical challenges required to weaponize this particular chain of vulnerabilities, we reflect on this experience as a case-study of the analytical approach we employ to attack unfamiliar software targets. In addition to these methods, we will contrast how this process differs from CTF/Wargame challenges, highlighting the path one can take to graduate from casual enthusiast to security professional.

Talk ID: 9979
Event: 35c3
Day: 2
Room: Borg
Start: 10:10 p.m.
Duration: 01:00:00
Track: Security
Type of: lecture
Speaker: Markus Gaasedelen, Amy (itszn)
Talk Slug & media link: 35c3-9979-the_layman_s_guide_to_zero-day_engineering

Talk & Speaker speed statistics

Very rough underestimation:
175.4 wpm
952.4 spm
Checking done: 100.0%
Syncing done: 0.0%
Transcribing done: 0.0%
Nothing done yet: 0.0%
  
