Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hands Off and Putting SLAB - SLUB Feng Shui in a Blackbox

Black Hat via YouTube

Overview

Explore an advanced automated memory layout manipulation technique in this Black Hat conference talk. Learn how attackers can identify system calls tied to objects of interest and automatically assemble them to adjust memory layout for exploitation. Discover the intricacies of SLAB cache, free vulnerabilities, and challenges in memory manipulation. Follow the roadmap to understand the solution, including victim objects, spray objects, call graphs, and kernel noise. Examine SLAB layout cases, tricks, and problems encountered. Evaluate the technique through demonstrations on the Linux kernel and discuss general mitigation approaches. Gain insights into user perspectives and potential applications of this powerful memory manipulation method.

Syllabus

Introduction
SLAB Cache
Free Vulnerability
Challenges
Roadmap
Solution
Solution Filter
Victim Object
Spray Object
Call Graph
Kernel Noise
SLAB Layout
Case 1 Unoccupied
Case 1 Side Effect
Case 2 Tricks
Case 2 Problem
The Solution
The Third Step
The First Problem
The Third Problem
Evaluation
Demo
Linux Kernel
General Mitigation Approach
Summary
Conclusion
Not the same size
Merge
User Perspective
PA

Taught by

Black Hat

Reviews

Start your review of Hands Off and Putting SLAB - SLUB Feng Shui in a Blackbox

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.