Surgically Returning to Randomized lib(c)

14 years 5 months ago

Download security.dsi.unimi.it

—To strengthen systems against code injection attacks, the write or execute only policy (W⊕X) and address space layout randomization (ASLR) are typically used in combination. The former separates data and code, while the latter randomizes the layout of a process. In this paper we present a new attack to bypass W⊕X and ASLR. The state-of-the-art attack against this combination of protections is based on brute-force, while ours is based on the leakage of sensitive information about the memory layout of the process. Using our attack an attacker can exploit the majority of programs vulnerable to stack-based buffer overﬂows surgically, i.e., in a single attempt. We have estimated

Giampaolo Fresi Roglia, Lorenzo Martignoni, Robert

Real-time Traffic

ACSAC 2009 | Address Space Layout Randomization | Security Privacy | Separates Data | —To Strengthen Systems |

claim paper

Post Info
More Details (n/a)

Added	18 May 2010
Updated	18 May 2010
Type	Conference
Year	2009
Where	ACSAC
Authors	Giampaolo Fresi Roglia, Lorenzo Martignoni, Roberto Paleari, Danilo Bruschi

Comments (0)

Sciweavers

Surgically Returning to Randomized lib(c)

ACSAC 2009 | Address Space Layout Randomization | Security Privacy | Separates Data | —To Strengthen Systems |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers