Can't Stop the ROP - Automating Universal ASLR Bypasses

DEFCONConference via YouTube

Overview

Explore nine novel bypasses of Windows' strongest ASLR protection in this DEF CON 33 conference talk that demonstrates how simple ROP gadgets can construct highly reliable, universal ASLR bypasses to key Windows system DLLs. Learn how high-entropy ASLR, previously considered virtually unbreakable, can be defeated using mostly easy-to-find ROP gadgets that enable free use of ROP gadgets from system DLLs in exploits. Discover how these techniques greatly expand the attack surface and make previously impossible attacks feasible on binaries that were constrained by limited gadgets. Examine the technical deep dive into Windows internals and the design methodology behind these bypass techniques, with primary focus on x64 systems and brief coverage of similar x86 attacks. Witness the debut of a new open-source mini-tool that generates complete x64 ROP chains for each bypass method, demonstrated through live attack scenarios. Gain insights into remediation recommendations to help address these vulnerabilities, all presented in an accessible format suitable for both technical experts and beginners interested in Windows security and exploitation techniques.

Syllabus

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine

Taught by

DEFCONConference
