Description: The detection of heap based buffer overflows have always been difficult due to the use of the corrupted memory happening often much later after the overwrite occurs during an execution process. Add to that the difficulty in the classification and exploitation of these vulnerabilities and you are doomed for eternity.
Meet Heaper. Heaper is an evolving Immunity Debugger plugin designed to not only detect corrupted heap memory during a dynamic assessment, but also to use a number of heuristics to detect exploitable conditions. Once a condition is triggered, it will hopefully guide you on how you should 'massage' the heap. Additionally, it introduces the ability to graph and analysis the heap state and performs other important heap tasks.
Come and learn how Steve failed, succeeded, what functionality was developed and why and the future direction of the project.
STEVEN SEELEY BIO
Steven Seeley is a security researcher for Immunity Inc where he performs penetration tests for a number of large national and international organizations. He practices the ancient art of persistence and focuses his research efforts on the application of offensive security. He is a member of the Corelan security team and has authored the tutorial series "Heap Overflows for Humans".
Tags: securitytube , hacking , hackers , information security , convention , computer security , ruxcon-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.