Скачать с ютуб видео #NullconBerlin2025

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

Скачать видео с ютуб по ссылке или смотреть без блокировок на сайте: #NullconBerlin2025 в качестве 4k

У нас вы можете посмотреть бесплатно #NullconBerlin2025 или скачать в максимальном доступном качестве, видео которое было загружено на ютуб. Для загрузки выберите вариант из формы ниже:

Информация по загрузке:

Скачать mp3 с ютуба отдельным файлом. Бесплатный рингтон #NullconBerlin2025 в формате MP3:

Если кнопки скачивания не загрузились НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если возникают проблемы со скачиванием видео, пожалуйста напишите в поддержку по адресу внизу страницы.
Спасибо за использование сервиса ClipSaver.ru

#NullconBerlin2025

Presentation: https://berlin2025.nullcon.net/berlin... Speaker: Pascal Beyer Talk Title: RDP and The Power of Deterministic Snapshot Fuzzing As critical surface becomes more and more secure and mitigations become more and more effective, it has become a recent trend for security researchers to develop complex tooling specialized to attack specific targets. For attacking an operating system kernel this tooling is usually required to include a hypervisor or emulator. Especially emulators provide an excellent analysis platform for root-causing bugs and implementing scalable and deterministic tools like coverage-driven fuzzers. In 2022, Colas Le Guernic and Jérémy Rubert showed that snapshot fuzzing can be very useful for attacking targets like the Remote Desktop Client, by using the bochscpu and/or kvm based system "What the Fuzz" to target the graphical component of the Microsoft RDP Client and finding CVE-2022-30221, a vulnerability inside the D3D11 software rasterizer implementation. Expanding on that topic, in this talk, we aim to showcase the advantages of using an emulator specifically designed for snapshot fuzzing. We will do this, by looking at three recent CVE's discovered using our own system: SNAFUzz. First, we will introduce the basics of snapshot fuzzing by discussing CVE-2025-[Undisclosed_0], a simple kernel vulnerability. Then we will target RDP and see how, inside an emulator, one can introduce allocation tracking and out-of-bounds detection to find heap memory leak vulnerabilities like CVE-2025-32715. Finally, we take a look at a remote code execution vulnerability found in a pre-release version of the RDP Client. It will serve as an example how the complete determinacy of an emulator can be used to fully understand a somewhat complicated and convoluted vulnerability, by reproducing and debugging it over and over again. ----------------- Follow Nullcon on Facebook: / nullcon X: / nullcon LinkedIn: / posts Website: https://nullcon.net/

Comments