conference logo

Playlist "28C3: behind enemy lines"

String Oriented Programming

Mathias Payer

The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming.