The past, the present and the future of software exploitation techniques

Presented at ZeroNights 2014 by

It began with lame stack-based buffer overflows. Then DEP/NX appeared, which was supposed to raise the bar. Then ROP appeared. Then it continued with linking and unlinking corrupted heap buffers. Then ASLR appeared, which was supposed to raise the bar. Then sophisticated techniques continued to bypass NX/ASLR. Then CFI appeared. Then sophisticated techniques continued to bypass NX/ASLR/CFI... In this talk we will show how exploitation techniques have evolved, and what we will see in the near future of exploitation techniques.