Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Identifying Syscall-Guard Variables for Data-Only Attacks

Black Hat via YouTube

Start learning Write review
Pragmatic Institute Ad

Foundations for Product Management Success

Learn More → Coursera Ad

Gain a Splash of New Skills - Coursera+ Annual Nearly 45% Off

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a groundbreaking presentation on identifying syscall-guard variables for data-only attacks. Delve into the challenges of control-flow protection techniques and the emergence of data-only attacks that corrupt critical non-control data. Learn about the innovative "branch force" method that intentionally flips conditional branches to detect security-related syscalls. Discover how the VIPER tool implements these ideas, successfully identifying 34 previously unknown syscall-guard variables across 13 programs. Gain insights into four new data-only attacks on sqlite and v8, demonstrating the ability to execute arbitrary commands or delete files. Understand the practicality and efficiency of this approach in spotting syscall-guard variables, with analysis completed within five minutes for most programs.

Syllabus

One Flip is All It Takes: Identifying Syscall-Guard Variables for Data-Only Attacks

Taught by

Black Hat

Reviews

Start your review of Identifying Syscall-Guard Variables for Data-Only Attacks

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.