Stack Canaries Gingerly Sidestepping the Cage

  • Wednesday, 16 Dec 2020 10:30AM EST (16 Dec 2020 15:30 UTC)
  • Speaker: Michiel Lemmens

Stack canaries or security cookies are tell-tale values added to binaries during compilation to protect critical stack values like return pointers against buffer overflow attacks. If an incorrect canary is detected during certain stages of the execution flow, such as right before return, the program will be terminated. Their presence makes exploitation of such vulnerabilities more difficult. But not impossible.

In this webcast, we will be discussing:

  • What stack canaries look like
  • What kinds of stack canaries can be found
  • When compilers add them
  • How they can be circumvented

Our trip will take us along 32 and 64 bit binaries, assembly (though no fluency is expected), /GS, my grandfather's professional history.