BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-canberra-2025//speaker//YNAGZN
BEGIN:VTIMEZONE
TZID:AEST
BEGIN:STANDARD
DTSTART:20000326T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3;UNTIL=20050326T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20060402T040000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060401T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20070325T040000
RRULE:FREQ=YEARLY;BYDAY=4SU;BYMONTH=3;UNTIL=20070324T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20080406T040000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000827T030000
RRULE:FREQ=YEARLY;BYDAY=4SU;BYMONTH=8;UNTIL=20000826T170000Z
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20011028T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20071027T170000Z
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20081005T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=10
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-canberra-2025-THVKTF@pretalx.com
DTSTART;TZID=AEST:20250926T113000
DTEND;TZID=AEST:20250926T122500
DESCRIPTION:Windows COM (Component Object Model) is an essential yet comple
 x  part of the OS\, responsible for enabling interprocess communication.  
 While well-documented on the surface\, COM's internal behaviors by many re
 searcher by still hide attack surfaces that are underexplored.\n\nIn this 
 talk\, I will take you through my personal journey of discovering a pre-au
 thentication COM vulnerability in Windows. Starting from understanding COM
  internals and how to access their stubs simply\, then  fuzzing them using
  harnesses built on `kAFL` and `WTF`\, I’ll show the steps that led to a
  successful vulnerability discovery.\n\nI’ll also briefly examine previo
 us `COM-related` CVEs and some researches\, what patterns they share\, and
  how I used those lessons in my own approach. Finally\, I will present the
  technical root cause of the vulnerability I found (`Case-88235`\, `CVE-20
 25-29841`)\, followed by a demo of how it could be exploited in a pre-auth
  scenario.\n\nThis talk is intended for vulnerability researchers\, revers
 e engineers\, and Windows security enthusiasts interested in novel pre-aut
 h attack vectors and practical bug-hunting methodology.
DTSTAMP:20260603T235422Z
LOCATION:Off-Main Track
SUMMARY:Breaking COMposure: Journey to Hunting Windows COM Vulnerabilities 
 - ByungHyun Kang
URL:https://pretalx.com/bsides-canberra-2025/talk/THVKTF/
END:VEVENT
END:VCALENDAR