Bypassing Control Flow Guard in Windows 10
Offered By: YouTube
Course Description
Overview
Explore advanced techniques for bypassing Control Flow Guard in Windows 10 through this conference talk from Louisville Infosec 2015. Delve into memory corruption, attack prevention strategies, and the intricacies of Control Flow Integrity. Learn about the need for relaxed control flow, performance impacts, and sample programs demonstrating guard checks. Discover security research methodologies, bypass techniques, and the role of Windows operations in coarse-grain protection. Examine virtual protect mechanisms, Flash vulnerabilities, and generic bypass methods. Investigate stack desynchronization, the "Jackpot Pattern," and censored slides revealing critical insights. Gain valuable recommendations for enhancing system security and participate in a Q&A session to deepen your understanding of these complex cybersecurity concepts.
Syllabus
Intro
Who are we
Motivation
Limitations
Summary
Memory Corruption
Stop Attacks
Conclusion
Control Flow Integrity
Need for Relaxed Control Flow
Should you use it
What it does
Impact on performance
Sample program
Guard check
Program crash
What does CFG allow
How to do security research
What's the key
How do we bypass
Does it take time
Windows Ops
Coarse Grain
Virtual Protect
Flash
Black Hat
Generic Bypass
Stack Desync
How Did We Get The Tip
The Problem
Desynchronization
Stack Desync
Research
Stack Sinking
Jackpot Pattern
More censored slides
What's interesting
In summary
Recommendations
Questions
Related Courses
Computer Security (Stanford University via Coursera)
Cryptography II (Stanford University via Coursera)
Malicious Software and its Underground Economy: Two Sides to Every Story (University of London International Programmes via Coursera)
Building an Information Risk Management Toolkit (University of Washington via Coursera)
Introduction to Cybersecurity (National Cybersecurity Institute at Excelsior College via Canvas Network)