Automatic Exploit Detection in Binaries

Presented at DEF CON 14 (2006), Aug. 5, 2006, 8 p.m. (50 minutes)

Binary disassembling and manual analysis to find exploitable vulnerabilities is a cool topic. What's cooler? Saving yourself hours of time and brain rot by letting a program do the hard parts for you! In this talk, we will dissect a well-known exploitable vulnerability as well as an open source tool for automatically detecting that vulnerability. By the end of the talk, you will understand the basics of static code analysis, exploitable bugs in Windows, x86 assembly, and the structure of the open source project. Interested attendees can join a pair programming session after the talk to start work on enhancements.


Presenters:

  • Luis Miras - Lead Vulnerability Researcher
    Luis Miras is the lead vulnerability researcher at Intrusion Inc. He has done work for leading consulting firms. and Network Associates. He released the first public polymorphic shellcode at Defcon 8 and has also spoken at Toorcon 7 as well as the CCC Congress (17c3) in Berlin. In the past he has worked in digital design, and embedded programming.
  • Matt Hargett
    Matt Hargett last spoke at Defcon about using open source tools to test Firewalls and IDSes, and has spoken and written articles in a variety of venues and leading publications on the topics of security, testing, and programming techniques. After successfully creating and launching the commercial static analysis tool, BugScan, as the initial sole developer, he took time off and now works in a very different and unrelated field. He lives in Mountain View, California with his husband, Geoff, and their dog, Baxter.

Links:

Similar Presentations: