主页 / 2017滴滴安全大会 / Many Birds, One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
-
作者Kun Yang(@KelwinYang)
-
简介
- SQLite
- Known Attacks on SQLite
- Memory Corruption
- Fuzzing SQLite
- Data Types in SQLite
- Virtual Table Mechanism
- Complicated Extensions
- Complex Features vs Simple Type System
- Answers from SQLite source code
- Web SQL Database
- SQLite in browser is filtered
- Database Authorizer
- Android has disabled fts3_tokenizer
- Even SQLite itself
- WebKit has overridden the function now
- Bonus
- Whitelist function optimize
- Type Confusion
- FTS3 Tricks
- What do we control?
- Exploitation Strategy
- One Exploitation Path for Arbitrary RW
- Let's start a long journey...
- sqlite3Fts3Optimize
- ASLR Bypass
- Shellcode Execution
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2019-07-16 14:05:59
-
2016-03-13 14:59:11
-
2023-05-01 13:39:11.624758
-
2020-10-15 14:45:52.501531
附件下载
-
Many.Birds,.One.Stone.杨坤.pdf