{"guid":"9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","title":"The Layman's Guide to Zero-Day Engineering","subtitle":"A demystification of the exploit development lifecycle","slug":"35c3-9979-the_layman_s_guide_to_zero-day_engineering","link":"https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9979.html","description":"There's a certain allure to zero-day exploits. At the apex of the security industry, these elusive technologies are engineered by a persistent few to open doors of software systems that were never meant to exist. We go behind-the-scenes to provide an inside look at the zero-day development lifecycle, breaking common misconceptions regarding this increasingly difficult tradecraft.\n\nIn this talk, we will discuss the engineering process behind a \u003ca href=”https://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/”\u003ezero-day\u003c/a\u003e that was used to exploit Apple Safari at PWN2OWN 2018. Rather than placing an intense focus on the technical challenges required to weaponize this particular chain of vulnerabilities, we reflect on this experience as a case-study of the analytical approach we employ to attack unfamiliar software targets. In addition to these methods, we will contrast how this process differs from CTF/Wargame challenges, highlighting the path one can take to graduate from casual enthusiast to security professional.\n\n\u003ca href=\"https://ret2.io\"\u003ehttps://ret2.io\u003c/a\u003e","original_language":"eng","persons":["Markus Gaasedelen","Amy (itszn)"],"tags":["35c3","9979","Security"],"view_count":2914,"promoted":false,"date":"2018-12-28T00:00:00.000+01:00","release_date":"2018-12-29T01:00:00.000+01:00","updated_at":"2026-04-07T23:30:08.137+02:00","length":3423,"duration":3423,"thumb_url":"https://static.media.ccc.de/media/congress/2018/9979-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2018/9979-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2018/9979-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2018/9979-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/35c3-9979-the_layman_s_guide_to_zero-day_engineering","url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_title":"35C3: Refreshing Memories","conference_url":"https://api.media.ccc.de/public/conferences/35c3","related":[{"event_id":6400,"event_guid":"527b56af-8d56-4edb-9027-9ca60767c742","weight":54},{"event_id":6411,"event_guid":"42650545-4394-4455-a5f5-9efad111fedc","weight":59},{"event_id":6419,"event_guid":"96d10915-cc4b-42ca-ad75-15205db70d0b","weight":51},{"event_id":6432,"event_guid":"de977841-8510-4172-9622-dd0563c2cb82","weight":49},{"event_id":6435,"event_guid":"9777cea0-ac06-4274-85db-908c1e87e2f4","weight":103},{"event_id":6457,"event_guid":"74b9c748-970f-4693-ac7e-46fcc733d2b4","weight":51},{"event_id":6462,"event_guid":"23e85d7a-9645-4ae2-9954-63b71abc08d4","weight":53},{"event_id":6474,"event_guid":"f58a2b6d-bde0-483b-a8db-043ea9371cb6","weight":71},{"event_id":6477,"event_guid":"c85de43e-107e-4247-b550-946f376e2ec4","weight":56},{"event_id":6481,"event_guid":"948fee49-de6f-42b1-82f8-045af2aa155e","weight":76},{"event_id":6492,"event_guid":"bc545b26-8319-43fb-abc2-f624ef414ee8","weight":68},{"event_id":6493,"event_guid":"2375222b-7dae-4bca-a5b0-aea227ab0d76","weight":87},{"event_id":6498,"event_guid":"4e6ab724-8663-456a-ac01-1cfdfc94c27f","weight":196},{"event_id":6499,"event_guid":"a750228d-a37d-43c0-8e2f-d46137a991dc","weight":35},{"event_id":6500,"event_guid":"064a7014-a88c-462a-b06f-7d6de62d622f","weight":60},{"event_id":6507,"event_guid":"787007cf-828d-4409-94b0-90a0b8d727a0","weight":36},{"event_id":6514,"event_guid":"7228f88d-8d6f-40a9-a5dd-b5c91b823ada","weight":46},{"event_id":6523,"event_guid":"240fe8a1-ee33-4f07-88d0-34b8bb04db71","weight":52},{"event_id":6530,"event_guid":"83bf042d-7382-4975-a3f8-92229944b8fc","weight":62},{"event_id":6531,"event_guid":"4fff6281-e452-4d64-bf9a-bc677614776a","weight":76},{"event_id":6536,"event_guid":"0a4a43e0-2b8d-424c-aaa3-101c843de75c","weight":58},{"event_id":6603,"event_guid":"ea00d1e0-a580-415f-a8cf-f02883d939dc","weight":66},{"event_id":6611,"event_guid":"b1b28bd0-5279-4950-8385-9ee8a57187f9","weight":53}],"recordings":[{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering.en.srt","state":"complete","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2021-02-21T19:46:06.406+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering.en.srt","url":"https://api.media.ccc.de/public/recordings/45395","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":321,"length":3423,"mime_type":"video/mp4","language":"eng","filename":"35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T11:58:45.176+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","url":"https://api.media.ccc.de/public/recordings/31684","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":321,"length":3423,"mime_type":"video/mp4","language":"deu","filename":"35c3-9979-deu-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T11:58:57.133+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9979-deu-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","url":"https://api.media.ccc.de/public/recordings/31685","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":320,"length":3423,"mime_type":"video/mp4","language":"fra","filename":"35c3-9979-fra-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T11:59:09.452+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9979-fra-The_Laymans_Guide_to_Zero-Day_Engineering.mp4","url":"https://api.media.ccc.de/public/recordings/31686","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":581,"length":3423,"mime_type":"video/mp4","language":"eng-deu-fra","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T11:59:26.715+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_hd.mp4","url":"https://api.media.ccc.de/public/recordings/31687","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":261,"length":3423,"mime_type":"video/mp4","language":"eng-deu-fra","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-12-29T12:44:45.277+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-sd/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_sd.mp4","url":"https://api.media.ccc.de/public/recordings/31703","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":316,"length":3423,"mime_type":"video/mp4","language":"eng-deu-fra","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_hd-slides.mp4","state":"new","folder":"slides-h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T12:45:13.537+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/slides-h264-hd/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_hd-slides.mp4","url":"https://api.media.ccc.de/public/recordings/31704","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":577,"length":3423,"mime_type":"video/webm","language":"eng-deu-fra","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-12-29T13:12:26.710+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-sd/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/31725","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":52,"length":3423,"mime_type":"audio/mpeg","language":"eng","filename":"35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-29T13:12:31.231+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/mp3/35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/31726","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":37,"length":3423,"mime_type":"audio/opus","language":"eng","filename":"35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-29T13:13:34.967+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/opus/35c3-9979-eng-The_Laymans_Guide_to_Zero-Day_Engineering_opus.opus","url":"https://api.media.ccc.de/public/recordings/31728","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":779,"length":3423,"mime_type":"video/webm","language":"eng-deu-fra","filename":"35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-29T13:19:47.359+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-hd/35c3-9979-eng-deu-fra-The_Laymans_Guide_to_Zero-Day_Engineering_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/31737","event_url":"https://api.media.ccc.de/public/events/9f8b19eb-31cb-4250-80d4-5caf4e0b33dd","conference_url":"https://api.media.ccc.de/public/conferences/35c3"}]}