Return to Where? You Can't Exploit What You Can't Find

Return to Where? You Can't Exploit What You Can't Find

Black Hat via YouTube Direct link

Vtable Randomization

24 of 26

24 of 26

Vtable Randomization

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Return to Where? You Can't Exploit What You Can't Find

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Motivation
  3. 3 Three Decades of Runtime Exploits
  4. 4 Return-oriented Programming (ROP): Basic Idea
  5. 5 ROP Attack Technique: Overview
  6. 6 Adversary Model/Assumptions
  7. 7 MAIN DEFENSES MEASURES
  8. 8 Randomization vs. CFI
  9. 9 Fine-Grained ASLR
  10. 10 Key Insight and Observation
  11. 11 Gadget Finding and Payload Generation
  12. 12 Code Randomization: Attack & Defense Techniques
  13. 13 Readactor: Resilience to Memory Disclosure
  14. 14 Preventing Direct Memory Disclosure
  15. 15 Execute-Only EPT Mapping
  16. 16 Indirect Memory Disclosure Attack
  17. 17 Code-Pointer Hiding
  18. 18 Readactor Compiler
  19. 19 Readactor's Runtime Architecture
  20. 20 JIT Compiler Support
  21. 21 Evaluation: Does it work?
  22. 22 SPEC CPU2006 Performance
  23. 23 How About Security?
  24. 24 Vtable Randomization
  25. 25 Conclusion
  26. 26 Coming Soon

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.