Advanced Format String Attacks

Presented at DEF CON 18 (2010), July 31, 2010, 6 p.m. (50 minutes)

Format string attacks remain difficult in both software and hackademic exercises as the techniques have not improved since their discovery. This session demonstrates advanced format string attack techniques designed to automate the process from creation to compromise as well as incorporate those techniques into the Metasploit framework. The audience is encouraged to bring a basic understanding of format string attacks in order to leave the presentation with the tools necessary to never write one again.

Presenters:

• Paul Haas / sss - Lead Web Application Security Engineer at Redspin, Inc.   as Paul Haas
  Paul Haas is the lead web application security engineer at Redspin, Inc, where has worked on a variety of research and penetration testing over the past four years with experience in over 100+ infrastructure and security assessment projects. He has a B.S. in Computer Science at the University of California Santa Barbara, and is a former member of the Reliable Software Group where he performed a variety of research into tracing the function calls of Linux binaries, cellular phone worms, the creation of an open source VMware framework for OWASP vulnerabilities, and ViSe, a virtual security testbed used to efficiently study computer attacks and suspect tools as part of a computer crime reconstruction. He is a former winner of the Defcon Capture the Flag contest and enjoys playing Mario Kart in his free time.

Links:

• https://defcon.org/html/defcon-18/dc-18-speakers.html#Haas
• https://infocon.org/cons/DEF CON/DEF CON 18/DEF CON 18 video and slides/DEF CON 18 - Paul Haas - Advanced Format String Attacks - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=JU2ulb-q0gU

Similar Presentations:

• DerbyCon 2.0 Reunion (2012) / Format String Vulnerabilities 101
• REcon 2012 / Extraordinary String Based Attacks