Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Watch a conference talk from USENIX Security '24 exploring Einstein, an innovative data-only attack exploitation pipeline. Learn how researchers from Vrije Universiteit Amsterdam developed a lightweight approach to identify and exploit vulnerabilities in system calls, moving beyond traditional control-flow hijacking methods. Discover how Einstein employs dynamic taint analysis policies to scan for vulnerable syscall chains and generate exploits from unmodified attacker data. Examine the tool's effectiveness through a case study of nginx, where it generated 944 exploits and successfully bypassed modern security mitigations. Gain insights into practical attack generation techniques that address real-world attacker goals without relying on complex symbolic execution or manual gadget chaining.
