all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Wine in an Old Bottle: Attacking Chrome WebSQL

Add to bookmarks
Sept. 27, 2023, 6:21 p.m. | Black Hat

Black Hat www.youtube.com

Nowadays, multiple mitigation mechanisms have gradually been added to Google Chrome in order to reduce the traditional RCE attack surfaces (e.g., V8 and Blink), which greatly increases the attack difficulty. Besides these well-known attack surfaces, we found SQLite can be directly accessed by remote attackers via Chrome WebSQL API.

In this talk, we will present a mutation-based Fuzzer towards WebSQL....

By: Ziling Chen , Hongli Han , Nan Wang

Full Abstract & Presentation Materials:
https://www.blackhat.com/asia-23/briefings/schedule/#new-wine-in-an-old-bottle-attacking-chrome-websql-30653

api attack attackers attack surfaces blink chrome found google google chrome mitigation old order rce sqlite well-known wine

Visit resource

More from www.youtube.com / Black Hat

Black Hat Asia 2024 Highlights 2 weeks, 3 days ago | www.youtube.com
asia black hat black hat asia black hat asia 2024
Startup Spotlight Competition at Black Hat 1 month ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 1 month, 3 weeks ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 1 month, 3 weeks ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 1 month, 3 weeks ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 1 month, 3 weeks ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 1 month, 3 weeks ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 1 month, 3 weeks ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 1 month, 3 weeks ago | www.youtube.com
analysis ask bad codeql +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com