主页 / 2017滴滴安全大会 / Many Birds, One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
-
作者Kun Yang(@KelwinYang)
-
简介
- SQLite
- Known Attacks on SQLite
- Memory Corruption
- Fuzzing SQLite
- Data Types in SQLite
- Virtual Table Mechanism
- Complicated Extensions
- Complex Features vs Simple Type System
- Answers from SQLite source code
- Web SQL Database
- SQLite in browser is filtered
- Database Authorizer
- Android has disabled fts3_tokenizer
- Even SQLite itself
- WebKit has overridden the function now
- Bonus
- Whitelist function optimize
- Type Confusion
- FTS3 Tricks
- What do we control?
- Exploitation Strategy
- One Exploitation Path for Arbitrary RW
- Let's start a long journey...
- sqlite3Fts3Optimize
- ASLR Bypass
- Shellcode Execution
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2023-10-16 04:54:34.778288 -
2016-07-31 14:41:52 -
2021-11-09 02:11:26.327986 -
2017-11-27 09:35:19
附件下载
-
Many.Birds,.One.Stone.杨坤.pdf