Presented at
DEF CON 32 (2024),
Aug. 10, 2024, 11 a.m.
(45 minutes).
For the past 20+ years binary exploitation has been seen as the ultimate challenge and prize, when exploiting large applications and operating systems. During this period, the question of "How much longer will we be able to do this?" has been asked countless times, and with good reason. Memory safety and corruption issues with low-level languages have been an enormous challenge for OS and application developers. There are certainly efforts to move to "safer" languages such as Rust, but those languages need to mature a bit longer before they're able to stand up to the capabilities of a language like C++.
Thanks to exploit mitigations and memory protections, a large number of these vulnerabilities are not exploitable. There are the mature mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), and then newer ones such as Control-flow Enforcement Technology (CET) and Virtualization Based Security (VBS). A large number of these mitigations are not enabled by default on the Windows OS, due to the fact that many need to be tested to ensure they do not break production applications. In this presentation, we will take a technical dive into the state of binary exploitation and the effectiveness of the many available mitigations, by looking at the way they're enforced.
Presenters:
-
Stephen Sims
- Fellow Instructor at SANS Institute
Stephen Sims is an experienced vulnerability researcher and exploit developer, having discovered and privately disclosed many vulnerabilities affecting well-known browsers and OS kernels. He is co-author of the popular Gray Hat Hacking book series through McGraw-Hill, now in its 6th edition. He is a Fellow Instructor with the SANS Institute and author of some of their most advanced content covering exploit development and other offensive operations and security related topics. Stephen also runs the Off By One Security channel on YouTube, where he teaches offensive-related material, bringing on a wide variety of experts on to provide free training to the community.
Similar Presentations: