Stack-based buffer overflows are the holy grail of software exploitation. Unfortunately, it's not 2005 anymore: mitigations (such as stack cookies) have spoiled all the fun! Nowadays, you have to resort to complicated heap feng shui or other exploitation wizardry when you want to pop a shell out of a vulnerability. But wait a second... What if we told you that all the machinery needed to implement exception handling can be bent to support exploitation? And that, after all, you can resurrect that old exploit of yours that was killed by stack cookies? Wouldn't that be exceptionally exceptional?
Slides -> http://i.blackhat.com/EU-22/Wednesd...ta-Unwinding-the-Stack-for-fun-and-profit.pdf
No video of the talk is available.