Modern Exploitation and Memory Protection Bypasses
Alexander Sotirov, Independent Security Researcher
The difficulty of exploiting memory corruption vulnerabilities has increased significantly with the introduction of the exploitation mitigation features in modern operating systems. Stack cookies, non-executable memory, and address space layout randomization successfully prevent most attempts at direct control-flow modification in vulnerable applications. As a result, software exploitation is much more difficult than it has been at any point in the past.
This talk will present the challenges facing exploit developers today and the latest techniques for defeating the memory protection features in modern operating systems. It will describe the current state of the art in exploitation and outline the most promising directions for future exploitation research.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Alexander Sotirov},
title = {Modern Exploitation and Memory Protection Bypasses},
year = {2009},
address = {Montreal, Quebec},
publisher = {USENIX Association},
month = aug
}