主页 / 2017滴滴安全大会 / Many Birds, One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
-
作者Kun Yang(@KelwinYang)
-
简介
- SQLite
- Known Attacks on SQLite
- Memory Corruption
- Fuzzing SQLite
- Data Types in SQLite
- Virtual Table Mechanism
- Complicated Extensions
- Complex Features vs Simple Type System
- Answers from SQLite source code
- Web SQL Database
- SQLite in browser is filtered
- Database Authorizer
- Android has disabled fts3_tokenizer
- Even SQLite itself
- WebKit has overridden the function now
- Bonus
- Whitelist function optimize
- Type Confusion
- FTS3 Tricks
- What do we control?
- Exploitation Strategy
- One Exploitation Path for Arbitrary RW
- Let's start a long journey...
- sqlite3Fts3Optimize
- ASLR Bypass
- Shellcode Execution
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2022-07-19 07:36:53.334132 -
2016-07-12 15:57:46 -
2019-12-07 11:44:48 -
2016-06-18 02:42:33
附件下载
-
Many.Birds,.One.Stone.杨坤.pdf