RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization

Offered By: IEEE via YouTube

Tags

Binary Analysis Courses, Memory Management Courses, Software Security Courses, Fuzzing Courses, Vulnerability Research Courses

Course Description

Overview

Explore a principled static rewriting framework for position-independent code (PIC) in this IEEE conference talk. Delve into the challenges of instrumenting COTS binaries, including hardcoded relative offsets and the indistinguishability between scalars and references. Learn about RetroWrite, a solution that addresses these issues through symbolization techniques. Discover how RetroWrite enables coverage instrumentation with afl-retrowrite and memory region instrumentation with asan-retrowrite. Gain insights into the practical applications of this framework for fuzzing and sanitization of binaries.

Syllabus

Intro
Problems
Challenges: Hardcoded Relative Offsets
Challenges: Scalar and References are Indistinguishable
RetroWrite: Principled static rewriting framework for position-independent code (PIC)
RetroWrite: Overview
RetroWrite: Symbolization
afl-retrowrite: Coverage Instrumentation
asan-retrowrite: Instrumentation
asan-retrowrite: Memory Regions
Conclusion


Taught by

IEEE Symposium on Security and Privacy
