Automating Your Job? The Future of AI and Exploit Development
https://www.offensivecon.org/speakers/2025/perri-adams.html
The extent of artificial intelligence’s abilities is the topic du jour in academia, industry, geopolitics, and even on social media. For good reason: AI has the ability to upend society in a new technological revolution. In AI-safety discussions, focus has concentrated on AI’s abilities to specialize in several specific, highly-skilled areas of expertise, one of which is offensive cyber. But, as practitioners in this space know well, expertise is difficult to hone, and hard to come by.
It will take years to fully understand how AI will enable reverse engineering, vulnerability discovery, and exploit development, but over the last several years, we have begun to form an understanding of what models do well, and where they struggle. In this keynote, we’ll dive into what models are capable of today, what they may accomplish tomorrow, and how they will alter this area of computer science in the years to come. From fundamental realities of computer science, such as the Halting Problem and state explosion, to the question of emergent capabilities in models and the ongoing quest to develop metrologies for their performance in specialized areas, the AI community needs the expertise of offensive security practitioners to understand what this technology can, and cannot, do. And perhaps, in turn, the offensive security community needs AI to bring about the next generation of innovation.
youtube.com/watch?v=Y1naY3gupRw
Skin in the Game: Survival of GPU IOMMU Irregular Damage
https://www.offensivecon.org/speakers/2025/fish-and-ling-hanqin.html
As the attack surface of modern Android devices shrinks and the number of software and hardware mitigations increases, GPU drivers have emerged as a prime target for mobile device exploitation.
In this presentation, we will explain the memory management methods of the three GPUs (Adreno, Mali, and PowerVR), highlighting their similarities and differences. Furthermore, we will demonstrate practical exploitation of GPU MMU vulnerabilities to achieve universal root access. Additionally, we will discuss various limitations present in the exploitation. Finally, we will present root demonstrations across multiple Android devices and discuss some effective mitigation strategies for GPU MMU vulnerabilities.
Overall, we have conducted an in-depth analysis of the MMU components of the three major GPUs in Android devices, discovered several vulnerabilities, and developed exploitation techniques for them.
youtube.com/watch?v=e4t_xYPOq9w
Entrysign: Create Your Own x86 Microcode for Fun and Profit
https://www.offensivecon.org/speake...pq-janke-josh-eads-and-eduardo-vela-nava.html
Microcode is a fundamental building block for x86 CPUs – implementing everything from complex x86 instructions, to privilege transitions and virtualization. Beyond ring 0 and SMM lies the microcode privilege level, with maximum control over the x86 core and the internal buffers within. Accessing and tinkering with microcode is a hacker’s dream, but cryptographic protections prevent all but Intel and AMD from doing so. Previous work has demonstrated methods to bypass microcode patch authentication on the Intel Atom and reverse engineer the microcode ISA enough to write sophisticated custom microcode patches (Intel Atom Goldmont and AMD K8/10). However, easily accessible arbitrary microcode execution was unavailable on modern high-performance CPUs until now.
In this talk we present the full details about EntrySign, a cryptographic flaw in AMD’s microcode patch verification logic, including how we discovered the bug and how you can extend our results. EntrySign lets us execute arbitrary microcode on all AMD CPUs from Zen to Zen 4 and modify the behavior of x86 instructions. We will delve into the format of AMD microcode, how their patches are verified, how we were able to reverse engineer this process, and how we were able to access the key information required to defeat it. Finally, we are releasing all of the tools necessary to reproduce our work and continue building upon our research – including a short demo showing how to write and install your own microcode patch.
youtube.com/watch?v=sUFDKTaCQEk
Parser Differentials: When Interpretation Becomes a Vulnerability
https://www.offensivecon.org/speakers/2025/joernchen.html
Parsers are fundamental components of modern systems, silently processing everything from network protocols to file formats - and rarely do they stand alone.
For any given format or protocol, multiple parser implementations exist across different languages, frameworks, and security boundaries.
This talk delves into parser differential bugs: The fascinating and dangerous phenomena that emerge when these different parsers interpret the same message in slightly different ways.
Through practical demonstrations focused on YAML parsers across popular implementations, we'll examine how subtle variations in specification interpretation, edge case handling, and error recovery can lead to "very useful differences"¹. Using YAML as our case study, we'll uncover how these parser differentials manifest in real-world applications and create impactful security vulnerabilities in production systems.
We'll also explore notable parser differential vulnerabilities discovered by security researchers in the wild, showcasing the broader impact and creative applications of this technique across different formats and contexts.
¹) vulnerabilities
youtube.com/watch?v=Dq_KVLXzxH8
Hunting for Overlooked Cookies in Windows 11 KTM and Baking Exploits for Them
https://www.offensivecon.org/speakers/2025/cedric-halbronn-and-jael-koh.html
The Windows Kernel Transaction Manager (KTM) driver is a widely accessible yet critically overlooked attack surface.
Thanks to prior research by Cedric Halbronn and Aaron Adams into an in-the-wild KTM exploit (CVE-2018-8611), most of KTM's internals have been well documented - except two objects.
After attending Cedric's "Windows Exploit Engineering Foundation" training, Jael Koh investigated these two objects. To his surprise, Jael ended up discovering and reporting two Use-After-Free vulnerabilities in KTM within a span of three weeks. Microsoft has since fixed both vulnerabilities in the October 2024 Patch Tuesday Update (CVE-2024-43570 and CVE-2024-43535).
This talk, presented jointly by Jael and Cedric, will showcase the journey uncovering these vulnerabilities and the challenges in exploiting them on Windows 11.
youtube.com/watch?v=goEb7eKj660
Android In-The-Wild: Unexpectedly Excavating a Kernel Exploit
https://www.offensivecon.org/speakers/2025/seth-jenkins.html
Kernel crash logs from an in-the-wild Android exploit represent a rare window into real-world attacker techniques - but without a corresponding exploit sample, deriving insight from these limited artifacts is a substantial technical challenge. In this presentation, I’ll bring you along on a journey from kernel crash log analysis, to classical vulnerability research, to an ITW bug report, as we push our analysis abilities to the limit and beyond. I’ll finish with a brief discussion on what we can infer about the exploit strategy from the kernel logs.
youtube.com/watch?v=lnK1iACJ3-c
Breaking the Sound Barrier: Exploiting CoreAudio via Mach Message Fuzzing
https://www.offensivecon.org/speakers/2025/dillon-franke.html
This research presents a deep dive into macOS Inter-Process Communication (IPC) security, focusing on the often-overlooked attack surface of Mach message handlers. These handlers are commonly used by system daemons to expose privileged, RPC-like functionality—and their complexity creates opportunities for sandbox escapes and local privilege escalation.
In this talk, I’ll share how I used structured fuzzing to uncover vulnerabilities in these message handlers, specifically targeting the coreaudiod system daemon. Central to this effort is a technique I call API call chaining—a powerful way to guide coverage-based fuzzers through complex, stateful API interactions.
Using a custom-built fuzzing harness, dynamic instrumentation, and a combination of static and runtime analysis, I discovered several security issues—including a high-impact memory corruption vulnerability. I’ll walk through the full exploitation process I developed to turn this bug into a sandbox escape on modern macOS.
Along the way, I’ll discuss the key challenges I faced, such as properly initializing the CoreAudio subsystem, mocking unstable components, and building a targeted grammar to drive deeper fuzzing coverage.
Finally, I’ll introduce the open-source fuzzing harness and tools I developed during this research, aimed at making IPC-focused fuzzing on macOS more accessible to the security community.
youtube.com/watch?v=USQtPedx9Xg
KernelGP: Racing Against the Android Kernel
https://www.offensivecon.org/speakers/2025/chariton-karamitas.html
Race conditions constitute a major vulnerability class affecting all types of concurrent software, with the Android kernel being no exception. In this presentation, after summarizing existing work, we will present 4 novel userland techniques for forcing the Android kernel to block, thus allowing an attacker to win race conditions more easily. The presented techniques can be used from the untrusted_app, as well as from the system_server and SELinux contexts, from where attackers usually execute further attacks (e.g. kernel LPEs). During the presentation, we will perform a deep technical review of Android internals and give live demonstrations of all the developed techniques. We will conclude with future work directions and open questions.
youtube.com/watch?v=DJBGu2fSSZg
Journey to Freedom: Escaping from VirtualBox
https://www.offensivecon.org/speakers/2025/corentin-bayet-and-bruno-pujos.html
Exploiting a hypervisor is already a challenge; chaining it with a Windows kernel LPE to achieve full host compromise makes it even harder. At Pwn2Own Vancouver 2024, we broke free from VirtualBox and escalated our privileges on the Windows host, turning a controlled guest VM into full administrator access on the host.
This session dives into VirtualBox's internals and architecture, offering a comprehensive overview that highlights critical vulnerabilities discovered. It will cover how we identified and exploited multiple vulnerabilities, bypassed mitigations, and executed arbitrary code on the host. This includes insights into research strategies, focus selection, tool usage, and lessons learned from mistakes.
We’ll conclude with an inside look at the Pwn2Own contest itself: our exploit setup, the hardware surprises, and how everything came together. If you’re into hypervisor exploitation, or just enjoy a good hacking war story, this talk is for you.
youtube.com/watch?v=i-3zUmdXpNI
Chainspotting 2: The Unofficial Sequel to the 2018 Talk “Chainspotting”
https://www.offensivecon.org/speakers/2025/ken-gannon.html
At Pwn2Own Ireland 2024 (sometimes referred to as Mobile Pwn2Own 2024), there were 61 entries targeting... IoT devices and printers. No wonder "mobile" is not in the event's title anymore. Thankfully, there was still 1 entry that targeted, and successfully pwned, the Samsung Galaxy S24. And now that the issues are patched, it is time to disclose those technical details!
The full exploit chain consisted of five different issues across several different applications, resulting in the ability to install arbitrary APKs. This talk will discuss the bugs that were discovered, how they were chained together, and the issues encountered while developing the Pwn2Own entry.
There are no stories about vendors being lame this year. Just pure technical details about the bugs, and how a "Path Traversal" issue ended up being the most interesting bug in the entire exploit chain.
youtube.com/watch?v=LAIr2laU-So
No Signal, No Security: Dynamic Baseband Vulnerability Research
https://www.offensivecon.org/speakers/2025/daniel-klischies-and-david-hirsch.html
What if you do not need to be a journalist accidentally invited into a Signal group to snoop on someone's communication? What if you could gain RCE on a smartphone without a complex combination of exploits, ASLR bypasses and ROP chains? Join us to learn how we got remote code execution on MediaTek basebands using BaseBridge, an extension to the FirmWire baseband emulator. BaseBridge is capable of transferring state from a physical phone to the emulator, enabling the emulated baseband to process messages as if connected to a real network. We demonstrate how BaseBridge automatically found vulnerabilities in Samsung and MediaTek basebands via fuzzing, simplified the triaging process, and how we leveraged this to develop a proof-of-concept remote code execution exploit.
youtube.com/watch?v=zoAITq7jUM8
Attacking Browsers via WebGPU
https://www.offensivecon.org/speakers/2025/lukas-bernhard.html
WebGPU is a new browser standard that allows us to access the capabilities of GPUs from the web -- benefiting complex computations, such as those required by game engines and local LLMs. But the complex machinery needed to convert a shader program into native GPU machine code means a huge attack surface is now reachable from the web. Even worse, this shader compilation pipeline is only weakly sandboxed, if at all (depending on the platform). In our talk, we take a deep dive into the shader compilation pipeline, exploring how shaders embedded in websites are processed until they end up in the GPU. We present how we wrote a domain-specific fuzzer to uncover memory corruption vulnerabilities in the respective compilers of Mali, DirectX, and Mesa. As a result of our research, we demonstrate numerous vulnerabilities reachable from Chrome.
youtube.com/watch?v=8Uv6KdATePc
Fighting Cavities: Securing Android Bluetooth by Red Teaming
https://www.offensivecon.org/speakers/2025/jeong-wook-oh-rishika-hooda-and-xuan-xing.html
Bluetooth security has been a risky area due to multiple factors: its remotely accessible nature, the stack’s complexity and its privileged execution context in the Android platform are a perfect combination that has been attracting the attention of security researchers for years. In this session the authors will talk about offensive Bluetooth research aiming at identifying remotely exploitable vulnerabilities in AOSP’s Bluetooth implementation with security mitigations enabled (e.g. the hardened Scudo allocator). This presentation will feature an RCE demo, cover in detail our bug hunting and exploitation approaches, and highlight results of our collaboration with the Android Bluetooth security team on hardening this attack surface.
We will give a short intro to the Bluetooth architecture as it is implemented in AOSP. To identify vulnerabilities in Bluetooth we used a wide arsenal of tools from both dynamic analysis and static analysis: fuzzing, variant analysis with CodeQL, code verification with KLEE. We will provide detailed analysis of the findings and discuss their exploitability on Android devices.
Achieving remote code execution on the victim’s device using the identified vulnerabilities in the Bluetooth stack is a challenging task thanks to its security mitigations. The authors will demonstrate an RCE exploit via Bluetooth and explain how it works, touching on bypassing security mitigations such as the Scudo hardened heap allocator. This presentation examines two critical vulnerabilities, CVE-2023-35673 and CVE-2023-35681, which exploit MTU weaknesses in the Bluetooth Low Energy (BLE) GATT and EATT protocols. These vulnerabilities enable unauthenticated remote code execution in proximity. Additionally, we will discuss several other noteworthy vulnerabilities affecting different components of the Bluetooth stack.
We will conclude the presentation by discussing the hardening effort by the Android Bluetooth security team to render the attacks described in the presentation not exploitable.
youtube.com/watch?v=PgnRkL0sd0w
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
https://www.offensivecon.org/speakers/2025/angelboy.html
Kernel Streaming emerged as a new attack surface in the Windows kernel last year, leading to numerous in-the-wild exploits. Over the past year, we also uncovered “proxying to kernel”, a logical bug class that circumvents many privilege checks in the kernel, making exploitation very straightforward. However, this is just the tip of the iceberg for Kernel Streaming.
This time, we turn our focus to one of the most common input sources to Kernel Streaming - frames from a webcam. What if a carefully crafted frame doesn’t just get played as an image, but also “plays” with your memory? In this presentation, we’re going to reveal a new array of bug classes, from which we’ve identified more than 10 vulnerabilities. We’ll talk about the design flaws that led to them, how they might look unexploitable at first glance, and how we turn some of them into arbitrary physical memory writes.
By the end of this talk, attendees will learn elegant exploitation techniques to bypass most modern kernel mitigations, along with methodologies for identifying and analyzing similar vulnerability patterns. By witnessing firsthand the true power of these bug classes, attendees will not only be able to discover more local privilege escalation vulnerabilities in Windows, but also better defend against them.
youtube.com/watch?v=rHyFnkrJ3Ws
Garbage Collection in V8
https://www.offensivecon.org/speakers/2025/richard-abou-chaaya-and-john-stephenson.html
Garbage collection is a fundamental part of any JavaScript engine. From a security research perspective it is interesting both as a rich attack surface and as a source of primitives for exploitation and reliability. However, despite the integral role it plays in V8, public documentation on its internals is generally scarce, and few public proof of concept exploits relating to bugs in the GC exist. This talk aims to bring to light V8’s various garbage collectors. Specifically we will discuss current development efforts relating to the ongoing switch from precise to conservative root tracking and explain an initial access bug we found in the Minor Mark-Sweep collector. We will also discuss the interaction between the GC and V8’s heap sandboxing mitigation, demonstrating a GC based heap sandbox escape.
youtube.com/watch?v=sM2d0ciaeiI
Finding and Exploiting 20-Year-Old Bugs in Web Browsers
https://www.offensivecon.org/speakers/2025/ivan-fratric.html
Although XSLT in web browsers has been a known attack surface for some time, there are still plenty of bugs to be found in it when viewing it through the lens of modern vulnerability discovery techniques. In this presentation, we will talk about how we found multiple vulnerabilities in XSLT implementations across all major web browsers. We will showcase vulnerabilities that remained undiscovered for 20+ years, difficult-to-fix bug classes with many variants, as well as instances of less well-known bug classes that break memory safety in unexpected ways. We will show a working exploit against at least one web browser using these bugs.
youtube.com/watch?v=U1kc7fcF5Ao
How Offensive Security Made Me Better at Defense: Keynote
https://www.offensivecon.org/speakers/2025/dino-dai-zovi.html
In many ways, there is often a creative tension between security and functionality or flexibility. We can often improve security by restricting what is possible, but at the same time, high-quality systems and software engineering provides functionality and flexibility, even for unanticipated use-cases. It turns out that the hardest problem on defense is knowing precisely how much security is the right amount everywhere, all at once. If you secure things too much, you can suffocate future growth, but if you don’t secure them enough, you might get pwned.
Like many, I got into cybersecurity because I was obsessed with the puzzles of how to compromise software and systems. While I also did things like build firewalls for companies (don’t judge, I was young and needed the money), what I really loved was exploitation, vulnerability discovery, and penetration testing. What I didn’t love, however, was how monotonous it eventually started to feel for me.
After spending roughly two decades focusing on offensive security, I switched to the other side. What I found was that after thinking like an attacker for so long, I could help prioritize my and others’ work using my understanding of what attack paths would be easy vs. which ones would be hard for attackers. What I also found was that I loved challenging myself and others to discover designs for defensive systems that we knew would be excruciatingly difficult to attack and where leverage can help defenders over attackers.
While I don’t expect that this talk will cause a massive influx of OffensiveCon attendees to rush to join the blue team, I hope to make the case that offensive security knowledge is a super-power for proactive security engineering and defense. Ultimately, offense and defense are two sides of the same chessboard, and getting good at one also helps you get better at the other.
youtube.com/watch?v=60BcjiChncE