Turning Memory Errors Into Code Execution With Client-Side Compilers

Explore the security implications of client-side compilers in web browsers through this conference talk from HITB Security Conference. Dive into the world of Just-In-Time (JIT) and Ahead-of-Time (AOT) compilation, examining how these performance-enhancing technologies can be exploited by attackers. Learn about JIT-Spray techniques and their evolution in exploiting memory errors. Analyze specific vulnerabilities discovered in Mozilla Firefox's ASM.JS implementation, including CVE-2017-5375 and CVE-2017-5400. Discover how to craft and transform ASM.JS payloads for remote code execution on vulnerable Firefox versions. Gain insights from Robert Gawlik, a seasoned security researcher specializing in low-level security, binary software, and web browser internals, as he shares his findings and expertise in this 38-minute presentation.