
RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization

Offered By: IEEE via YouTube

Tags

Binary Analysis Courses, Memory Management Courses, Software Security Courses, Fuzzing Courses, Vulnerability Research Courses

Course Description

Overview

Explore a principled static rewriting framework for position-independent code (PIC) in this IEEE conference talk. Delve into the challenges of instrumenting COTS binaries, including hardcoded relative offsets and the indistinguishability between scalars and references. Learn about RetroWrite, a solution that addresses these issues through symbolization techniques. Discover how RetroWrite enables coverage instrumentation with afl-retrowrite and memory region instrumentation with asan-retrowrite. Gain insights into the practical applications of this framework for fuzzing and sanitization of binaries.

Syllabus

Intro
Problems
Challenges: Hardcoded Relative Offsets
Challenges: Scalar and References are Indistinguishable
RetroWrite: Principled static rewriting framework for position-independent code (PIC)
RetroWrite: Overview
RetroWrite: Symbolization
afl-retrowrite: Coverage Instrumentation
asan-retrowrite: Instrumentation
asan-retrowrite: Memory Regions
Conclusion


Taught by

IEEE Symposium on Security and Privacy
