The dynamic nature of ECMAScript allows for functions and properties to be redefined in a variety of ways - even functions that are vital for internal functionality of the ECMAScript engine. This presentation explores the problems that can arise from ECMAScript redefinition. It goes through the various ways that functions and properties can be redefined in different ECMAScript implementations and describes several vulnerabilities we found as a result of these methods. It also provides some strategies for finding these types of security issues in other targets.
Natalie Silvanovich is a security researcher on Google Project Zero. She has spent the last seven years working in mobile security, both finding security issues in mobile software and improving the security of mobile platforms. Outside of work, Natalie enjoys applying her hacking and reverse engineering skills to unusual targets, and has spoken at several conferences on the subject of Tamagotchi hacking. She is actively involved in hackerspaces and is a founding member of Kwartzlab Makerspace in Kitchener, Ontario, Canada.