From Sandbox to SYSTEM presented at TexasCyberSummit 2019

by David Wells

Summary: It's 2019, Application Containment is all the rage and various vendors implement it in different ways, but do they always do it correctly? You probably wouldn't be reading this if they did. Come join me as I walk through 5 CVEs I discovered this year affecting Comodo Antivirus and their Containment technology. This talk explains how we abuse COM, Signed Binary bypasses, LPC/ALPC, and chaining of various vulns to successfully escape the Comodo Sandbox Container and escalate our privileges to SYSTEM.