String Oriented Programming

Circumventing ASLR, DEP, and Other Guards

Mathias Payer

The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming.

Related

Download

Embed

Share:

Tags