2007/11-05
From SIPB Cluedumps
[edit] Exploiting the Internet (or, how to 0wn the internet in your free time)
| Date: November 5, 2007, at 3:30 PM |
| Afternotes: See Nelson's cluedump page. |
| Presenters: Nelson Elhage (nelhage) |
| Location: 56-114 |
| Abstract: The world has changed since Aleph One's "Smashing The Stack For Fun And Profit." Buffer overflows, while less common, are still discovered in major software almost every day. However, runtime-system countermeasures, such as non-executable stacks and stack protection or "canary" technologies, are increasingly prevalent and sophisticated. I'll start with a review of the classic "stack-smashing" attack, and then cover a variety of the methods used to defeat such attacks even on vulnerable software, as well as some of the tricks hackers have invented for getting around them. |
