Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Unleashing Mayhem on Binary Code

IEEE via YouTube

Overview

Explore the intricacies of automatic exploit generation in binary programs through this IEEE Symposium on Security & Privacy presentation. Delve into the innovative Mayhem system, designed to uncover exploitable bugs and generate working shell-spawning exploits in executable programs without debugging information. Learn about two groundbreaking techniques: hybrid symbolic execution and index-based memory modeling, which address challenges in managing execution paths and reasoning about symbolic memory indices. Discover how Mayhem successfully identified 29 exploitable vulnerabilities across Linux and Windows programs, including two previously undocumented issues. Gain insights into the system's architecture, symbolic execution process, safety policies, and optimization techniques for efficient vulnerability detection and exploit generation in binary code.

Syllabus

Intro
Automatic Exploit Generation Challenge
Ghostscript v8.62 Bug
Generating Exploits
Unleashing Mayhem
How Mayhem Works: Symbolic Execution
Path Predicate = II
Safety Policy in Mayhem
Challenges
Current Resource Management in Symbolic Execution
Offline Execution
Online Execution
Mayhem: Hybrid Execution
Symbolic Indices
Another Cause: Table Lookups
Method 1: Concretization
Method 2: Fully Symbolic
Step 1 - Find Bounds
Step 2 - Index Search Tree Construction
Fully Symbolic vs. Index-based Memory Modeling Time
Index Search Tree Optimization: Piecewise Linear Approximation
Conclusion

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Unleashing Mayhem on Binary Code

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.