Presentation on theme: "The past, the present and the future of software exploitation techniques Nikita Tarakanov, Moscow, Russia ZeroNights 2014 13st of November 2014."— Presentation transcript:
The past, the present and the future of software exploitation techniques Nikita Tarakanov, Moscow, Russia ZeroNights 2014 13st of November 2014
Agenda Introduction The past The present The (nearest) future Q&A
Introduction This talk is very high-level overview of past and present software exploitation techniques (and their first appearances) Mostly about memory corruptions and “binary” vulnerabilities The (nearest) future section is just thoughts of speaker
11/8/2001 Once upon a free http://phrack.org/issues/57/9.html
2/7/2002 - Third Generation Exploits https://www.blackhat.com/presentations/bh-europe-01/halvar- flake/bh-europe-01-halvarflake-1.ppt
7/28/2002 - Advances in Format String Exploitation http://phrack.org/issues/59/7.html
7/10/2003 - "Variations in Exploit methods between Linux and Windows" http://www.blackhat.com/presentations/bh-usa-03/bh-us-03- litchfield-paper.pdf http://www.blackhat.com/presentations/bh-usa-03/bh-us-03- litchfield-paper.pdf
8/2/2003 - “Win32 device drivers communication vulnerabilities” http://seclists.org/fulldisclosure/2003/Aug/86 Arbitrary memory overwrite via ioctl METHOD_NEITHER
9/8/2003 - "Defeating the Stack Based Buffer Overflow Prevention Mechanism of MS Windows 2003 Server" https://www.blackhat.com/presentations/bh-asia-03/bh-asia-03- litchfield.pdf
9/30/2003 - /SAFESEH introduced into Visual Studio Remove this slide?
4/21/2004 “Reliable Windows Heap Exploits” https://cansecwest.com/core04/cansecwest04.iso
Your consent to our cookies if you continue to use this website.