Wednesday

Room 3

16:20 - 17:20 (UTC+02)

Talk (60 min)

Demonstrating binary exploitation with a recent vulnerability

Binary exploitation is a common attack method in memory unsafe programs. Some might think binary exploitation is old news and rarely happens, but that’s wrong - it is highly relevant and common even in 2021! Marit and Christian introduce the concept of binary exploitation with code examples. They demonstrate how to exploit a recent vulnerability in Sudo by explaining the vulnerability and the exploit, and running it live! Then they will demonstrate ways to detect and prevent memory corruption vulnerabilities in your software.

C++
C
Security
Tools

Marit and Christian introduce the concept of binary exploitation with code examples. They demonstrate how to exploit a recent vulnerability in Sudo by explaining the vulnerability and the exploit, and running it live! Then they will demonstrate ways to detect and prevent memory corruption vulnerabilities in your software.

Marit Iren 👩‍💻🌈🐺♻️

Marit is a Senior Software Engineer working with secure development and application security at Sopra Steria. She is engaged in the hacking community in Norway and is the former leader of Norway’s largest CTF, TG:HACK.

Together, Marit and Christian compete in CTFs with the top Norwegian CTF team, bootplug. At the time of writing bootplug is ranked 7 in the world. In competitions Marit usually starts at the easy end of the binary exploitation challenges, while Christian starts at the advanced end. Together they make a great team!

Christian Resell

Christian is a security engineer working with tracking and analyzing APT actors. He has previously worked with vulnerability research and malware analysis. He is an avid CTF player and regularly solves challenges related to binary exploitation for his team.

Together, Marit and Christian compete in CTFs with the top Norwegian CTF team, bootplug. At the time of writing bootplug is ranked 7 in the world. In competitions Marit usually starts at the easy end of the binary exploitation challenges, while Christian starts at the advanced end. Together they make a great team!