SecAppDev 2018

Modern defenses against code reuse attacks almost always use the wrong threat model. As a result, attackers can bypass them, and exploit seemingly secure software.


 Abstract
30 years after the Morris Worm, we are still unable to stop exploits based on memory corruption. Admittedly, the community has developed extremely advanced defenses. As such, the bar for attackers is now much higher than it ever was. Unfortunately, if you look at the overall picture, this is still a losing battle. Today, attackers can launch code reuse attacks without ever learning any addresses of the code fragments.

Modern defenses tend to rely on assumptions that often turn out to be invalid. They misjudge the strength of the defense or the inventiveness of the attacker. In this session, we will discuss current attacks and defenses and show to what extent they make exploitation harder. We will investigate how using dynamic code analysis already suffices to bypass these defenses. In the end, you will be able to assess the security of your systems in the modern threat landscape.


This session is intended for anyone building systems in low-level languages such as C and C++