lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 6 Sep 2010 08:15:19 +0200
From: "Piotr Bania" <bania.piotr@...il.com>
To: <dailydave@...ts.immunitysec.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: PAPER: JIT spraying and mitigations

ABSTRACT

With the discovery of new exploit techniques, novel protection mechanisms 
are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR 
(Address Space Layout Randomization) created a significantly more difficult 
environment for exploitation. Attackers, however, have recently researched 
new exploitation methods which are capable of bypassing the operating system's 
memory mitigations. One of the newest and most popular exploitation 
techniques to bypass both of the aforementioned security protections is JIT 
memory spraying, introduced by Dion Blazakis. In this article we will 
present a short overview of the JIT spraying technique and also novel 
mitigation methods against this innovative class of attacks. An anti-JIT 
spraying library was created as part of our shellcode execution prevention 
system.

PAPER LINK:
http://www.piotrbania.com/all/articles/pbania-jit-mitigations2010.pdf

PAPER MIRROR:
http://kryptoslogic.com/download/JIT_Mitigations.pdf


best regards,
pb


-- 
--------------------------------------------------------------------
Piotr Bania - <bania.piotr@...il.com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

               - "The more I learn about men, the more I love dogs."


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ