October 5, 2016

Exploitation 107

This lecture is the final exploit development lecture for the course. In it we touch on a few final topics for format string exploitation and heap sprays. We additionally cover clang, its exploit mitigations, and a novel exploit mitigation bypass technique for clang's "safe-stack". We finally cover EMET, grsecurity and PaX, KERNHEAP, and SELinux in depth. Last and most importantly, we demonstrate the necessity of compiling and hardening your own Linux systems from source code, as default binary distributions ship without many of the simplest exploit mitigations.

[ Slides ] [ Homework ]

Interested in having your homework graded? Contact us to learn about grading options. The release schedule for this course is available here.
