Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in co...
Code injection attacks are a top threat to today's Internet. With zero-day attacks on the rise,...
Abstract—The wide adoption of non-executable page protections in recent versions of popular operati...
Abstract—Layout randomization is a powerful, popular technique for software protection. We present ...
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Address-space layout randomization is a well-established defense against code-reuse attacks. However,...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Abstract—Since the day it was proposed, return-oriented programming has shown to be an effective and...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Abstract—To strengthen systems against code injection attacks, the write or execute only policy (W⊕X...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software...