BloomTech’s Downfall: A Long Time Coming

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Browser Hacking With ANGLE

Hack In The Box Security Conference via YouTube

Start learning Write review

Overview

Limited-Time Offer: Up to 75% Off Coursera Plus!
7000+ certificate courses from Google, Microsoft, IBM, and many more.
India: 75% Off World: 40% Off
This course covers the basic knowledge of the ANGLE project and demonstrates how to utilize ANGLE in WebGL/WebGL2 within web browsers. It delves into analyzing vulnerabilities within ANGLE, including CVEs such as CVE-2021-30626 and CVE-2022-26717, and explores exploitable vulnerabilities leading to obtaining RCE in macOS. The course teaches about WebGL/ WebGL2 components, ANGLE architecture, and specific vulnerabilities in browsers like Chrome and Safari. The intended audience for this course includes individuals interested in browser bug hunting, exploitation, and web security. The teaching method involves a presentation format with detailed analysis and explanations of vulnerabilities and exploitation steps.

Syllabus

Intro
Background of ANGLE
ANGLE Architecture Overview
WebGL Implementation
Chrome texStorage3D Out of Bound Read
Safari MultiDrawArrays Heap overflow
Safari Transform Feedback Use After Free
Allocate Buffer Object
Exploitation Steps
JSC's Butterfly Overview
Step 1: Heap Spray
Trigger the Bug
Search Corrupted JSArray
Get JSCell and Structure ID
Get addrof/fakeobj primitives

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Browser Hacking With ANGLE

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.