From SIPB Cluedumps

Jump to: navigation, search

[edit] Exploiting the Internet (or, how to 0wn the internet in your free time)

Date: November 5, 2007, at 3:30 PM
Afternotes: See Nelson's cluedump page.
Presenters: Nelson Elhage (nelhage)
Location: 56-114
Abstract: The world has changed since Aleph One's "Smashing The Stack For Fun And Profit." Buffer overflows, while less common, are still discovered in major software almost every day. However, runtime-system countermeasures, such as non-executable stacks and stack protection or "canary" technologies, are increasingly prevalent and sophisticated. I'll start with a review of the classic "stack-smashing" attack, and then cover a variety of the methods used to defeat such attacks even on vulnerable software, as well as some of the tricks hackers have invented for getting around them.
Personal tools