Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Overview
  • Workshop Organizers
  • Registration Information
  • Registration Discounts
  • At a Glance
  • Calendar
  • Workshop Program
  • Birds-of-a-Feather Sessions
  • Purchase the Box Set
  • Co-located Workshops
  • Sponsorship
  • Activities
  • Hotel and Travel Information
  • Students
  • Questions
  • Help Promote!
  • For Participants
  • Call for Papers
  • Past Workshops

sponsors

Silver Sponsor
Bronze Sponsor

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » “Weird Machines” in ELF: A Spotlight on the Underappreciated Metadata
Tweet

connect with us

http://twitter.com/usenixsecurity
https://www.facebook.com/usenixassociation
http://www.linkedin.com/groups/USENIX-Association-49559/about
https://plus.google.com/108588319090208187909/posts
http://www.youtube.com/user/USENIXAssociation

“Weird Machines” in ELF: A Spotlight on the Underappreciated Metadata

Authors: 

Rebecca Shapiro, Sergey Bratus, and Sean W. Smith, Dartmouth College

Abstract: 

Although software exploitation historically started as an exercise in coaxing the target's execution into attacker supplied binary shellcode, it soon became a practical study in pushing the limits of unexpected computation that could be caused by crafted data not containing any native code. We show how the ABI metadata that drives the creation of a process' runtime can also drive arbitrary computation. We introduce our design and implementation of Cobbler, a proof-of-concept toolkit capable of compiling a Turing-complete language into well-formed ELF executable metadata that get "executed" by the runtime loader (RTLD). Our proof-of-concept toolkit highlights how important it is that defenders expand their focus beyond the code and data sections of untrusted binaries, both in static analysis and in the dynamic analysis of the early runtime setup stages as well as any time the RTLD is invoked.

Rebecca Shapiro, Dartmouth College

Sergey Bratus, Dartmouth College

Sean W. Smith, Dartmouth College

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {179203,
author = {Rebecca Shapiro and Sergey Bratus and Sean W. Smith},
title = {{\textquotedblleft}Weird Machines{\textquotedblright} in {ELF}: A Spotlight on the Underappreciated Metadata},
booktitle = {7th {USENIX} Workshop on Offensive Technologies ({WOOT} 13)},
year = {2013},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/woot13/workshop-program/presentation/shapiro},
publisher = {{USENIX} Association},
month = aug,
}
Download
Shapiro PDF
View the slides

Presentation Video

Presentation Audio

MP3 Download OGG Download

Download Audio

  • Log in or    Register to post comments

Silver Sponsors

Bronze Sponsors

© USENIX

  • Privacy Policy
  • Conference Policies
  • Contact Us