Stephen Falken – S3lab http://s3lab.deusto.es S3lab Security Blog Wed, 06 May 2020 12:51:35 +0000

Automatic Heap Layout Manipulation via #UseSec18 http://s3lab.deusto.es/heap-manipulation-usesec18-en/ Tue, 25 Sep 2018 15:36:44 +0000 http://s3lab.deusto.es/?p=10037

The post Automatic Heap Layout Manipulation via #UseSec18 appeared first on S3lab.
Automatic exploit generation has been studied in recent years, with most work focusing on stack-based buffer overflows. The main objective of these works is generally to develop algorithms that produce control-flow hijacking exploits based on specific input values (which could also be discovered automatically) that corrupt an instruction pointer stored on the stack. However, carrying out the same concept in the heap presents different challenges

Position-independent Code Reuse via #EuroSP18 http://s3lab.deusto.es/pirop-via-eurosp18-en/ Fri, 15 Jun 2018 13:02:26 +0000 http://s3lab.deusto.es/?p=9944

The post Position-independent Code Reuse via #EuroSP18 appeared first on S3lab.
A few years ago, one of the most common attacks was to take advantage of a memory corruption error such as a buffer overflow to inject code (usually shellcode) and divert the flow of control to that code. However, with the widespread adoption of DEP (Data Execution Prevention), memory pages that contain data, such as the heap and stack, are marked as non-executable, which makes this type of attack unviable.

Web-To-Mobile Vulnerabilities via #SP18 http://s3lab.deusto.es/web-to-mobile-vulnerabilities-sp18-en/ Thu, 26 Apr 2018 09:57:34 +0000 http://s3lab.deusto.es/?p=9856

The post Web-To-Mobile Vulnerabilities via #SP18 appeared first on S3lab.
Currently, a large number of mobile applications are simple front ends for their corresponding web APIs. Although this is not a danger in itself, it has a very important implication for input validation: the validation must be done both in the client (the mobile application itself) and in the server (the web API).

Benchmarking Crimes via #arXiv http://s3lab.deusto.es/benchmarking-crimes-arxiv-en/ Wed, 28 Feb 2018 17:07:42 +0000 http://s3lab.deusto.es/?p=9765

The post Benchmarking Crimes via #arXiv appeared first on S3lab.
The evaluation of the prototype developed in a scientific work is a very important part of the research, since it determines whether the proposed system fulfills its objectives and how well it does so, which is essential to make comparisons with other solutions and reproduce previous results. A common part of most works is performance evaluation, since every security mechanism introduces some kind of performance overhead. The goal is to keep the overhead at the lowest possible level while providing the highest possible degree of security. As a result, current systems security research focuses on practical defenses that sacrifice some security to achieve realistic performance guarantees.

Code-reuse attacks for the Web via #CCS17 http://s3lab.deusto.es/code-reuse-web-ccs17-en/ Thu, 18 Jan 2018 16:00:28 +0000 http://s3lab.deusto.es/?p=9642

The post Code-reuse attacks for the Web via #CCS17 appeared first on S3lab.
Cross-site scripting (XSS) vulnerabilities are a fairly recurrent problem on the web even though they were publicly documented in 2000. These attacks allow a malicious actor to completely take over a web page, injecting and executing code not authorized by the developers.

Variadic Vulnerabilities Vanquished via #UseSec17 http://s3lab.deusto.es/variadic-vulnerabilities-usesec17-en/ Thu, 26 Oct 2017 09:57:54 +0000 http://s3lab.deusto.es/?p=9537

The post Variadic Vulnerabilities Vanquished via #UseSec17 appeared first on S3lab.
Researchers from Purdue University, Politecnico di Milano and the University of California, Irvine presented this summer at USENIX Security a work focused on preventing and eradicating vulnerabilities caused by the abuse of variadic functions. A variadic function is one that can receive a variable number of arguments; the classic example in C is the function printf:
