As we secure applications using sandboxes, it is important to understand the sandbox attack surface, because it presents opportunities for attackers. In this talk we’ll decompose application sandboxes through the lens of a pen-tester. We look at various popular sandboxes, such as Google Chrome, Adobe Reader X, and Sandboxie, among others, and discuss the limitations of each technology and its implementation details. Further, we discuss in depth, with live exploits, how to break out of each category of sandbox by leveraging various kernel and user mode exploits, something that future malware could leverage. Some of these exploit vectors have not been discussed widely, and awareness is important.
Rahul Kashyap is Chief Security Architect, Head of Security Research at Bromium. Before joining Bromium, he led the worldwide Threat Research teams at McAfee Labs, a wholly owned subsidiary of Intel. Rahul has created and worked on several security technologies that are deployed in highly sensitive military, government, banking and healthcare institutions around the world. He has led cyber defense strategies for several initiatives such as ‘Operation Aurora’ and similar high-profile security investigations. He has published papers and articles in security journals, and is a speaker at several security conferences. Rahul holds a Master’s in Computer Systems and has several pending patents.