Your App is Leaking! - Bypassing Exploit Mitigations for Pentesters...

  • Monday, 08 Sep 2014 1:00PM EDT (08 Sep 2014 17:00 UTC)
  • Speaker: Stephen Sims

In this presentation we will go over a sampling of exploit mitigation controls such as Address Space Layout Randomization (ASLR) and how different types of memory leaks can allow access to memory, bypassing the protection. We will look at a simple POC example using format strings on Linux, and another using flash objects with IE10.