Full Disclosure mailing list archives

PAPER: JIT spraying and mitigations


From: "Piotr Bania" <bania.piotr () gmail com>
Date: Mon, 6 Sep 2010 08:15:19 +0200

ABSTRACT

With the discovery of new exploit techniques, novel protection mechanisms 
are needed as well. Mitigations like DEP (Data Execution Prevention) or ASLR 
(Address Space Layout Randomization) created a significantly more difficult 
environment for exploitation. Attackers, however, have recently researched 
new exploitation methods which are capable of bypassing the operating system's 
memory mitigations. One of the newest and most popular exploitation 
techniques to bypass both of the aforementioned security protections is JIT 
memory spraying, introduced by Dion Blazakis. In this article we will 
present a short overview of the JIT spraying technique and also novel 
mitigation methods against this innovative class of attacks. An anti-JIT 
spraying library was created as part of our shellcode execution prevention 
system.

PAPER LINK:
http://www.piotrbania.com/all/articles/pbania-jit-mitigations2010.pdf

PAPER MIRROR:
http://kryptoslogic.com/download/JIT_Mitigations.pdf


best regards,
pb


-- 
--------------------------------------------------------------------
Piotr Bania - <bania.piotr () gmail com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

               - "The more I learn about men, the more I love dogs."

