Overview
Explore advanced techniques for breaking user-space and kernel ASLR, as well as discovering driver vulnerabilities through the visualization and analysis of Page Tables across multiple operating systems and architectures. Dive deep into the data structures that map virtual address spaces to physical RAM locations, examining implementations in Windows, Linux, Android, macOS, and iOS on x86_64 and ARMv7 platforms. Learn to interpret commonalities and differences in Page Table organizations, identify static physical and virtual mappings for potential exploits, and understand the implications for DMA attacks and ASLR bypasses. Witness the practical application of these concepts through the demonstration of a mitigated Android 4.0.x ASLR bypass and the revelation of a new Android 4.2.2 user-space ASLR bypass affecting recent Linux/ARM kernels. Gain valuable insights into efficient hardware implementation, x86 virtual address translation, and memory internals of various operating systems, equipping you with the knowledge to uncover vulnerabilities and develop innovative exploitation techniques.
Syllabus
Intro
Efficient Hardware Implementation
x86 Virtual Address Translation
Data Collection
Hilbert Curve Legend
Android Process Comparison
Android Observations
Android 4.2.2 4.3 ASLR Bypass
32-bit Windows Memory Internals
Surface RT Layout
Kernel Observations
Taught by
Black Hat