Radu Emanuel Chiscariu
Senior Security Research Engineer Ixia, a Keysight Business
Radu Emanuel Chiscariu is a Senior Security Researcher of Ixia’s Application and Threat Intelligence Research Center. Radu holds a MSc in Computer and Network Security from Politehnica University of Bucharest. With a background in network security, Radu specializes in the investigation of the current threats and the analysis of the latest vulnerabilities seen in the wild. He spends most of his time hunting for vulnerabilities or understanding and improving attack techniques.
Investigating Windows Graphics Vulnerabilities: A Reverse Engineering and Fuzzing Story
Vulnerabilities targeting Microsoft applications remain top priority for malicious actors. Taking into consideration the complexity and the multitude of modules available in Windows OS for example, one approach of identifying interesting weaknesses is fuzzing. This talk showcases in a detailed manner the mindset and the necessary steps to obtain a crash correlated to a Windows GDI+ vulnerability, which represents an essential building block for developing a fully working exploit. We will discuss about how binary diffing and fuzzing tools can be used in the exploit development process and give away some tricks to make your fuzzing campaigns more effective. By the end of the presentation, you should be familiar with harness development and WinAFL quirks, what criteria you should consider when choosing fuzzing targets and how could GDI vulnerabilities be exploited.
Are you the next cyber security superstar?
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
Sponsors & Partners
They help us make this conference possible.
Orange „brings you closer to what matters to you”.
This is our brand promise: to bring our clients closer to what’s essential to them and to keep them always connected and in touch with the latest technologies, by offering them the best and safest communication experience.