Unleashing Mayhem on Binary Code

Offered By: IEEE via YouTube

Tags

Exploit Development Courses Cybersecurity Courses Symbolic Execution Courses Vulnerability Research Courses

Course Description

Overview

Explore the intricacies of automatic exploit generation in binary programs through this IEEE Symposium on Security & Privacy presentation. Delve into the innovative Mayhem system, designed to uncover exploitable bugs and generate working shell-spawning exploits in executable programs without debugging information. Learn about two groundbreaking techniques: hybrid symbolic execution and index-based memory modeling, which address challenges in managing execution paths and reasoning about symbolic memory indices. Discover how Mayhem successfully identified 29 exploitable vulnerabilities across Linux and Windows programs, including two previously undocumented issues. Gain insights into the system's architecture, symbolic execution process, safety policies, and optimization techniques for efficient vulnerability detection and exploit generation in binary code.

Syllabus

Intro
Automatic Exploit Generation Challenge
Ghostscript v8.62 Bug
Generating Exploits
Unleashing Mayhem
How Mayhem Works: Symbolic Execution
Path Predicate = Π
Safety Policy in Mayhem
Challenges
Current Resource Management in Symbolic Execution
Offline Execution
Online Execution
Mayhem: Hybrid Execution
Symbolic Indices
Another Cause: Table Lookups
Method 1: Concretization
Method 2: Fully Symbolic
Step 1 - Find Bounds
Step 2 - Index Search Tree Construction
Fully Symbolic vs. Index-based Memory Modeling Time
Index Search Tree Optimization: Piecewise Linear Approximation
Conclusion

Taught by

IEEE Symposium on Security and Privacy
