Description: Exploitation of memory corruption vulnerabilities is a prevalent problem – despite the huge amount of effort put into solving it. Nevertheless, exploitation is getting harder as new hardening techniques are being adopted.
Two of the most prominent techniques recently adopted in the Windows world are Return-Oriented Programming (ROP) mitigations and Control-Flow Guard (CFG). Both techniques aim to obstruct code-reuse attacks.
ROP mitigations are run-time checks that try to detect ongoing ROP attacks by hooking into sensitive code locations and performing various checks there. CFG is a compile-time technique that implements static, coarse-grained control-flow integrity checks with minimal memory and CPU overhead. In this talk we look at the latest versions of these mitigations, namely the ROP mitigations that come with EMET 5.5 and Visual Studio 2015’s CFG. We present the implementation and discuss the implications for an attacker trying to exploit a hardened application.
Matthias Ganz (@GanzMatthias)
Matthias is a software engineer and security expert with a special interest in hardware and low-level programming.
He graduated from ETH Zurich with a Master of Science in Computer Science. He has worked on many software projects across different industry sectors, with a focus on building failsafe software systems. As a technical supervisor, he has coached his co-workers on software design and implementation.
In 2015, he co-founded xorlab and was appointed CTO, where he is responsible for product development and strategy.
For more information, please visit: http://area41.io/