Overview
Explore a comprehensive analysis of Linux and PaX ASLR vulnerabilities in this 58-minute Black Hat conference talk by Dr. Hector Marco-Gisbert and Dr. Ismael Ripoll. Delve into four critical weaknesses in current ASLR design and implementation: low entropy, non-uniform distribution, object correlation, and inheritance. Witness a proof-of-concept demonstration bypassing Full ASLR Linux on 64-bit systems in under a second. Gain insights into a proposed new ASLR design, ASLR-NG, which addresses these vulnerabilities and surpasses existing solutions, including PaX. Learn about ASLRA, a tool suite for analyzing ASLR entropy in Linux systems. Enhance your understanding of cybersecurity challenges and cutting-edge solutions in both 32-bit and 64-bit environments.
Syllabus
Exploiting Linux and Pax ASLR's Weaknesses on 32-Bit and 64-Bit Systems
Taught by
Black Hat