Nick Copi, an application security engineer at CarMax, seamlessly balances his professional role with a fervent pursuit of security research. From architecting full-stack web applications to spearheading innovative security initiatives at CarMax, Nick’s diverse background enriches his insights, allowing him to bring a multifaceted perspective to his endeavors. His dominance in cybersecurity competitions, including numerous 1st place CTF victories, highlights his adeptness. As the former president of the VCU Cyber Security Club and a co-organizer of the OffsecRVA meetup group, he ardently fosters community engagement and knowledge exchange. With a knack for blending practical experience and strategic vision, Nick embodies a commitment to excellence in both his professional endeavors and his contributions to the broader cybersecurity community. X (Twitter): @7urb01
Some Assembly Required: Weaponizing Chrome CVE-2023-2033 for RCE in Electron (<– add to your schedule)
In this presentation, the development process of a remote code execution (RCE) exploit for CVE-2023-2033 is discussed. CVE-2023-2033 is an N-day type confusion vulnerability that affects Google Chrome for Windows, Mac, and Linux with which an attacker can exploit Chrome V8 engine to cause heap corruption via a crafted HTML page and gain RCE. Prior to this presentation, a public RCE exploit for this vulnerability did not exist. This exploit is based on publicly available proof of concept code that uses this vulnerability to implement v8 heap read/write/addrof primitives. This presentation focuses on weaponizing these primitives to achieve remote code execution consistently on an unsandboxed renderer process of an Electron version running a vulnerable version of Chrome. Methods to hijack the render process instruction pointer and to write and execute specially encoded chunks of shellcode using these primitives are discussed.