Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this presentation, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, which both undermines the benefits of fine-grained ASLR and greatly enhances the ease of exploit development on today's platforms that combine standard ASLR and DEP (e.g. Windows 8). Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application's memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadge...
Today's most widely exploited applications are the web browsers and document readers we use every da...
Abstract—Since the day it was proposed, return-oriented programming has shown to be an effective and...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Address-space layout randomization is a well-established defense against code-reuse attacks. However,...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Abstract—The wide adoption of non-executable page protections in recent versions of popular operati...
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Abstract—To strengthen systems against code injection attacks, the write or execute only policy (W⊕X...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...