(Mirror Link - http://kryptoslogic.com/
Abstract
With the discovery of new exploit techniques, novel protection mechanisms are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR (Address Space Layout Randomization) created a significantly more difficult environment for exploitation. Attackers, however, have recently researched new exploitation methods which are ca- pable of bypassing the operating system’s memory mitigations. One of the newest and most popu- lar exploitation techniques to bypass both of the aforementioned security protections is JIT memory spraying, introduced by Dion Blazakis.
In this article we will present a short overview of the JIT spraying technique and also novel mitigation methods against this innovative class of at- tacks. An anti-JIT spraying library was created as part of our shellcode execution prevention system.
---------------------------------------------------------------------
Hat-tip to HD Moore for the link.
No comments:
Post a Comment