Internet Archive Scholar
Filters
























3 Hits in 2.7 sec

HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security

Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
2018 USENIX Security Symposium  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (863.0 kB)
https://web.archive.org/web/20210727102804/https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-eckert.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

to the Proceedings of the 27th USENIX Security Symposium is sponsored by USENIX.  ...  Acknowledgments We would like to thank our shepherd, Brendan Dolan-Gavitt, for his help and comments.  ...  Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and  ... 
dblp:conf/uss/EckertB0SKV18 fatcat:ok74aezv6fgr5h56g72aziwcre
Citation

Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. "HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security." USENIX Security Symposium (2018) 99-116

HAEPG: An Automatic Multi-hop Exploitation Generation Framework [chapter]

Zixuan Zhao, Yan Wang, Xiaorui Gong
2020 Lecture Notes in Computer Science  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (574.3 kB)
https://web.archive.org/web/20200909203519/https://link.springer.com/content/pdf/10.1007%2F978-3-030-52683-2_5.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Current studies require a sensitive pointer on the heap to hijack the control flow and pay little attention to vulnerabilities with limited capabilities.  ...  All the exploits could bypass NX [25] and Full RELRO [28] security mechanisms.  ...  Heaphopper [19] is an automated approach to analyze the exploitability of heap implementations in the presence of memory corruption.  ... 
doi:10.1007/978-3-030-52683-2_5 fatcat:qz4u3hb63negtlsbjzvuecwiye
Citation

Zixuan Zhao, Yan Wang, Xiaorui Gong. "HAEPG: An Automatic Multi-hop Exploitation Generation Framework." Lecture Notes in Computer Science (2020) 89-109

A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities

Fenglei Deng, Jian Wang, Bin Zhang, Chao Feng, Zhiyuan Jiang, Yunfei Su
2020 Scientific Programming  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.9 MB)
https://web.archive.org/web/20200930013116/http://downloads.hindawi.com/journals/sp/2020/8883746.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

of heap metadata.  ...  In this paper, we aim to explore whether heap metadata could be corrupted and exploited by cyberattackers, in an attempt to assess the exploitability of vulnerabilities and ensure software quality.  ...  MOP construction and MOG extraction are implemented on top of IDA Python [50] . Also, we implemented a heap allocator model by building function mapping relationships in Python.  ... 
doi:10.1155/2020/8883746 fatcat:vb74hepyenhifcx5okipfozaba
DOAJ
Citation

Fenglei Deng, Jian Wang, Bin Zhang, Chao Feng, Zhiyuan Jiang, Yunfei Su. "A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities." Scientific Programming (2020) 1-21