HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security

Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
2018 USENIX Security Symposium  
to the Proceedings of the 27th USENIX Security Symposium is sponsored by USENIX.  ...  Acknowledgments We would like to thank our shepherd, Brendan Dolan-Gavitt, for his help and comments.  ...  Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and  ... 
dblp:conf/uss/EckertB0SKV18 fatcat:ok74aezv6fgr5h56g72aziwcre

HAEPG: An Automatic Multi-hop Exploitation Generation Framework [chapter]

Zixuan Zhao, Yan Wang, Xiaorui Gong
2020 Lecture Notes in Computer Science  
Current studies require a sensitive pointer on the heap to hijack the control flow and pay little attention to vulnerabilities with limited capabilities.  ...  All the exploits could bypass NX [25] and Full RELRO [28] security mechanisms.  ...  Heaphopper [19] is an automated approach to analyze the exploitability of heap implementations in the presence of memory corruption.  ... 
doi:10.1007/978-3-030-52683-2_5 fatcat:qz4u3hb63negtlsbjzvuecwiye

A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities

Fenglei Deng, Jian Wang, Bin Zhang, Chao Feng, Zhiyuan Jiang, Yunfei Su
2020 Scientific Programming  
of heap metadata.  ...  In this paper, we aim to explore whether heap metadata could be corrupted and exploited by cyberattackers, in an attempt to assess the exploitability of vulnerabilities and ensure software quality.  ...  MOP construction and MOG extraction are implemented on top of IDA Python [50]. Also, we implemented a heap allocator model by building function mapping relationships in Python.  ... 
doi:10.1155/2020/8883746 fatcat:vb74hepyenhifcx5okipfozaba