Previously, and mainly due to application compatibility, ASLR has not been as effective as expected. Now that some of the problems that prevented a full deployment of ASLR have been solved, it has become the key mitigation preventing reliable exploitation of software vulnerabilities. Defeating ASLR is a hot topic in the exploitation world.
This talk presents why the other mitigations are not strong without ASLR, and why defeating ASLR largely defeats the rest of them: a payload that bypasses them needs addresses, and ASLR is what hides those addresses. The older methods of defeating ASLR have been fixed lately, and the current way to do it is through information leak vulnerabilities.
This talk presents several techniques that can be applied to convert vulnerabilities into information leaks:
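As an added illustration of the kind of bug the talk is about (this is example code written for this page, not material from the talk or its speaker), the C program below shows the smallest version of a vulnerability-to-information-leak conversion. The object layout, the function names and the length-trusting accessor are all hypothetical: a name buffer sits next to a code pointer, an accessor copies a caller-supplied number of bytes without bounding it, and an oversized request spills the pointer. The second half shows why a single leaked pointer is enough to undo ASLR for the whole module: the slide is one constant per image, so the link-time distance between two functions still holds at run time.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical object layout (an assumption for this example): a fixed-size
 * name buffer immediately followed by a code pointer, as a parser or
 * protocol handler might keep in a heap or stack object. */
struct record {
    char name[16];
    void (*on_close)(struct record *);
};

void default_close(struct record *r) { (void)r; }
void privileged_op(struct record *r) { (void)r; }

/* Vulnerable accessor: copies a caller-controlled number of bytes starting
 * at name and never checks it against sizeof name. Asking for more than 16
 * bytes also returns the adjacent on_close pointer, i.e. an address inside
 * the module that holds default_close. */
size_t vuln_read_name(const struct record *r, char *out, size_t len)
{
    memcpy(out, r->name, len);    /* missing bound: len may exceed 16 */
    return len;
}

/* Hardened accessor: clamps the copy to the bytes actually held in name. */
size_t safe_read_name(const struct record *r, char *out, size_t len)
{
    const char *nul = memchr(r->name, '\0', sizeof r->name);
    size_t avail = nul ? (size_t)(nul - r->name) : sizeof r->name;
    if (len > avail)
        len = avail;
    memcpy(out, r->name, len);
    return len;
}

/* Attacker's use of the bug: fill the buffer so no terminator stops the
 * copy, request an oversized read, and reassemble the spilled pointer from
 * the bytes that came back. */
uintptr_t leak_via_overread(void)
{
    struct record r;
    unsigned char out[sizeof r];
    uintptr_t leaked;

    memset(r.name, 'A', sizeof r.name);   /* constructed sample content */
    r.on_close = default_close;

    vuln_read_name(&r, (char *)out, sizeof out);
    memcpy(&leaked, out + offsetof(struct record, on_close), sizeof leaked);
    return leaked;
}

/* The hardened accessor given the same oversized request: only the 16
 * name bytes come back, the pointer stays hidden. */
size_t safe_bytes_returned(void)
{
    struct record r;
    unsigned char out[sizeof r];

    memset(r.name, 'A', sizeof r.name);
    r.on_close = default_close;
    return safe_read_name(&r, (char *)out, sizeof out);
}

/* Why one leak is enough: ASLR slides a whole image by one constant, so the
 * distance between any two functions in it is fixed at link time. The
 * attacker measures that distance once, offline, on an unrandomized copy of
 * the binary and adds it to the leaked address at run time. */
intptr_t link_time_delta(void)
{
    return (intptr_t)((uintptr_t)privileged_op - (uintptr_t)default_close);
}

uintptr_t derive_target(uintptr_t leaked_default_close, intptr_t delta)
{
    return leaked_default_close + (uintptr_t)delta;
}
```

In a real target the constant added in derive_target would be the offset of a ROP gadget, an import table entry or a data structure rather than another function in the same tiny program, but the arithmetic is the same: once any address inside a randomized image is known, every other address in that image follows, which is why an information leak removes the protection that the other mitigations lean on.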
My name is Fermín J. Serna (aka Zhodiac). I was born in Madrid (Spain) in 1979. I am a Computer Science Engineer graduated from the UCM, and currently working for Google at the Mountain View (California) offices as an Information Security Engineer on the ISE team. Previously I worked for Microsoft on the MSRC Engineering team. I have lots of things that attract my attention, mainly security ones such as exploitation techniques, fuzzing, binary static analysis, reverse engineering, coding... but also Artificial Intelligence, chess... You can contact me by:
E-mail: zhodiac [_AT_] hispahack [_DOT_] com
Twitter: @fjserna
Blog: http://zhodiac.hispahack.com