ChaMd5 Team 00后登上国际安全顶会BlackHat!
日前,全球顶尖安全技术会议BlackHat Asia在新加坡召开,ChaMd5 Team成员zhefox受邀参会并作主题演讲。
议题介绍
《A Glimpse Into The Protocol: Fuzz Windows RDP Client For Fun And Profit》
At the end of June 2023, we decided to conduct vulnerability research on the Windows RDP client. Initially, we read some publicly available blogs and modified two open-source Windows RDP fuzzing projects. During this process, we successfully identified an old Windows RDP client vulnerability but did not discover any new vulnerabilities.
Just when we were hesitating, we studied Yuki Chen's presentation slides at Blackhat USA 2023. Subsequently, we decided to incorporate race conditions into the vulnerability research of the Windows RDP protocol, leading us to eventually uncover several remote code execution vulnerabilities in Windows RDP client.
This presentation will share the entire process of our Windows RDP client vulnerability research: why we chose Windows RDP as the target, how we collect public information to initiate research, how we modified open-source fuzzing tools to improve them, and how we overcame challenges to discover several remote code execution vulnerabilities in Windows RDP clients. We will also share details of the discovered Windows RDP client vulnerabilities.
At the end of this presentation, we will integrate the experiences mentioned above and give some recommendations for Windows RDP vulnerability defence.
目前,该议题的演讲PPT已经在BlackHat官网公开,有兴趣的读者请点击文末“阅读原文”了解更多精彩内容。
- END -
关注公众号:拾黑(shiheibook)了解更多
[广告]赞助链接:
四季很好,只要有你,文娱排行榜:https://www.yaopaiming.com/
让资讯触达的更精准有趣:https://www.0xu.cn/
关注网络尖刀微信公众号
随时掌握互联网精彩
随时掌握互联网精彩
赞助链接
排名
热点
搜索指数
- 1 澳门是伟大祖国的一方宝地 7933627
- 2 80岁顶级富豪再婚娶33岁华裔妻子 7995554
- 3 星巴克大罢工 7844553
- 4 2024 向上的中国 7762385
- 5 向佐 我一踢腿就会走光 7683786
- 6 男子钓上一条自带“赎金”的鱼 7588417
- 7 特朗普:马斯克不会成为总统 7450207
- 8 鹿晗录制新综艺 法令纹明显 7356560
- 9 韩国一军方驻地爆炸 3名平民被烧伤 7217711
- 10 大S老公具俊晔站C位跳女团舞 7115287