Presentation “JIT-Spray Attacks and Advanced Shellcode” from HITB Amsterdam 2010

Here are the slides from Hack In The Box (HITB) 2010, held in Amsterdam, Netherlands, where DSecRG experts gave a talk on the JIT-Spray technique for bypassing DEP and ASLR. The talk presents methods that cut the run time of a Flash JIT-Spray exploit from 8 minutes to 10 seconds, and shows a way of using the Safari JavaScript JIT compiler to bypass DEP and ASLR on Windows 7.

Author: Alexey Sintsov

JIT-Spray Attacks and Advanced Shellcode