This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Saturday, October 12 • 3:30pm - 4:30pm
RT-3015 COModo - From Sandbox to SYSTEM

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Its 2019, Application Containment is all the rage and various vendors implement it in different ways, but do they always do it correctly? You probably wouldn't be reading this if they did. Come join me as I walk through 5 CVEs I discovered this year affecting Comodo Antivirus and their Containment technology. This talk explain how we abuse COM, Signed Binary bypasses, LPC/ALPC, and chaining of various vulns to successfully escape the Comodo Sandbox Container and Privilege Escalate ourselves to SYSTEM.

avatar for David Wells

David Wells

Sr. Research Engineer, Tenable
David Wells is a former Malware Reverse Engineer with strong emphasis on Windows Internals. David currently works on Tenable’s Zero Day Research team, uncovering new 0-day vulnerabilities in targets ranging from routers to well known applications and Operating Systems.

Saturday October 12, 2019 3:30pm - 4:30pm CDT
TEXAS BALLROOM - F Track 2 600 E Market St, San Antonio, TX Floor 4