Description: Why send someone an executable when you can just send them a sidebar gadget? We will be talking about the windows gadget platform and what the nastyness that can be done with it, how are gadgets made, how are they distributed and more importantly their weaknesses. Gadgets are comprised of JS, CSS and HTML and are application that the Windows operating system has embedded by default. As a result there are a number of interesting attack vectors that are interesting to explore and take advantage of.
We will be talking about our research into creating malicious gadgets, misappropriating legitimate gadgets and the sorts of flaws we have found in published gadgets.
Mickey Shkatov AKA "Laplinker" , is a proud DC9723 member, not a Mossad agent, a breaker of code, a researcher of vulnerabilities that will never see the light of day, a lunatic and a fun guy to drink with.
Twitter: @laplinker
Tags: securitytube , hacking , hackers , information security , convention , computer security , defcon-20 , defcon-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.