The Info Leak Era on Software Exploitation
- Type
- Paper
- Tags
- exploiting
- Authors
- Fermin Serna
- Event
- Black Hat USA 2012
- Indexed on
- May 24, 2014
- URL
- https://media.blackhat.com/bh-us-12/Briefings/Serna/BH_US_12_Serna_Leak_Era_WP.pdf
- File name
- BH_US_12_Serna_Leak_Era_WP.pdf
- File size
- 966.4 KB
- MD5
- 9707f432893d5c166c6ea859619dad69
- SHA1
- 56c55b7ecc1e70a8efc981bb75b3589ad1b4aaab
Previously, and mainly due to application compatibility. ASLR has not been as effective as it has been expected. Nowadays, once some of the problems to fully deploy ASLR has been solved, it has become the key mitigation preventing reliable exploitation of software vulnerabilities. Defeating ASLR is a hot topic in the exploitation world. During this talk, it will be presented why other mitigations without ASLR are not strong ones and why if you defeat ASLR you mainly defeat the rest of them. Methods to defeat ASLR had been fixed lately and the current way for this is using information leak vulnerabilities.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
