2010 April – ...And You Will Know Us by the Trail of Bits

Practical Return-Oriented Programming

April 26, 2010 By tobadmin Leave a Comment

At a number of conferences this spring, I am presenting “Practical Return-Oriented Programming.” The talk is about taking the academic and applying it in the real world to developing exploits for Windows that bypass Permanent DEP using my BISC (Borrowed Instructions Synthetic Computer) library. In the talk, I demonstrate exploitation of the Internet Explorer “Operation Aurora” vulnerability on Windows 7. These techniques are not at all new, only my implementation is, and it owes much to previous research by Sebastian Krahmer’s “Borrowed Code Chunks” technique , Hovav Shacham’s Return-Oriented Programming, and Pablo Sole’s DEPLIB.

RSA Brief Session Webcast, Video, Podcast, and Slides (Login with Delegate access required)
SOURCE Boston 2010 Slides (more complete and technical than the RSA talk)
ITWeb Security Summit 2010 (Upcoming)

Filed Under: Conferences, Exploits, Vulnerabilities

@TrailOfBits Twitter

RT @Kym_Possible: @wxs I watched a webinar by @_snagg a couple months ago (via @BlackHatEvents) that was fantastic & didn't try to sell @tr… 3 hours ago
In our newsletter this month: FTC and BlackBerry mobile security summits, a new book, Elderwood, and Ruby security! eepurl.com/AWrXj 1 day ago
Trail of Bits, The June Edition - eepurl.com/AWrXj 1 day ago
RT @Kym_Possible: "If you can't explain risk to users in understandable way, that's a technical flaw. I don't blame the user" @dguido #bbs… 5 days ago
RT @BBSIRT: Thank you @dguido for an insightful presentation and discussion on mobile exploits. #BBSecSummit http://t.co/6eHQRiFPLj 5 days ago

Practical Return-Oriented Programming

Our Firm

Our Vision

Newsletter Signup Form

Contact Us

Categories

Archives

@TrailOfBits Twitter

Follow “...And You Will Know Us by the Trail of Bits”