Virtualization-Based Security (VBS) enclaves provide isolated environments for handling sensitive data. In this talk we will discuss the architecture of VBS enclaves, demonstrate how to create your own enclave, and explore practical exploitation techniques for existing vulnerable enclave DLLs. We will turn a read-write primitive into code execution within the enclave, show how to securely seal a beacon in an enclave during sleep and make it untouchable.
Talk
You can’t touch this: Secure Enclaves for Offensive Operations
March 13, 11:30 (CAMPUS)
Speaker
Matteo Malvica
Matteo Malvica is a senior content developer at OffSec and security researcher at Outflank, focusing on vulnerability research, exploit development, reverse engineering and operating system internals.
Cedric Van Bockhaven
Cedric loves solving offensive computer security puzzles, researching new attack vectors, and finding vulnerabilities in obscure technologies. At Outflank, he performs Red Teaming projects and works on the Outflank Security Tooling (OST).
