Here are the slides from CONFidence 2010 held Krakow, where DSecRG told about the weaknesses in modern technologies of protection against arbitrary code execution. GS, safeSEH, DEP and ASLR. How can it be bypassed? Modern techniques. Return-Oriented Programming (ROP). Attack on clients – JIT SPRAY method. How this kind of exploits can be written? Practical tips and tricks with real examples on the latest vulnerabilities provided.
Author: Alexey Sintsov