35C3 – From Zero to Zero

https://media.ccc.de/v/35c3-9657-from_zero_to_zero_day

In this talk, I'll share my story of how a high school student with virtually no knowledge of security research found his first RCE in Edge in just over a year.

After starting my bachelor's degree in computer science and mathematics, I started a new hobby: solving programming problems. The next logical step was to try harder problems, which led me to participate in CTF competitions. During these CTFs, I discovered that I was fascinated by vulnerabilities: finding errors or things that developers didn't think through. So I started to delve into the rabbit hole.

A year later, I found my first 0-day, a critical RCE in Edge. To understand this, we will examine the current trend of JIT Type Confusion vulnerabilities in ChakraCore. I will talk about the vulnerability I found, explain how I discovered it, and show similar vulnerabilities recently found by other researchers. Finally, I will demonstrate a working exploit of this vulnerability.

This session could be useful for both individuals interested in the security field and experienced security researchers who want to learn more about browser vulnerabilities and how to exploit them.

Jonathan Jacobi

https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9657.html
