Exposing Hidden Exploitable Behaviors In Programming Languages Using Differential Fuzzing

Дата: 08.01.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

This paper reveals the most serious vulnerabilities found in each language. It includes practical examples identifying which undocumented functions could allow OS command execution, when sensitive file contents may be partially exposed in error messages, how native code is being unexpectedly interpreted – locally and remotely – and when constant’s names could be used as regular strings for OS command execution.

By Fernando Arnaboldi

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-17/briefings.html#exposing-hidden-exploitable-behaviors-in-programming-languages-using-differential-fuzzing


Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *