Explore a critical security vulnerability in cloud computing environments through this Black Hat conference talk. Delve into the intricacies of memory deduplication and its unintended consequences on Address Space Layout Randomization (ASLR). Learn how the CAIN (Cross-VM ASL INtrospection) proof-of-concept exploit leverages memory side-channels to defeat ASLR in a 64-bit Windows Server 2012 victim VM running on a default KVM configuration. Understand the underlying concepts of the attack and witness a demonstration of the CAIN exploit in action. Gain valuable insights into cloud security risks and potential mitigation strategies during this 53-minute presentation by Antonio Barresi, Kaveh Razavi, Mathias Payer, and Thomas Gross.
Overview
Syllabus
Silently Breaking ASLR In The Cloud
Taught by
Black Hat
Related Courses
-
Abusing Performance Optimization Weaknesses to Bypass ASLR
-
Exec ASLR - Abusing Intel Branch Predictors to Bypass ASLR
-
Exploit Mitigation Improvements in Windows 8
-
Just-In-Time Code Reuse - The More Things Change, the More They Stay the Same
-
Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge
-
Hey Man, Have You Forgotten to Initialize Your Memory?
