Unwinding the Stack for Fun and Profit

Dive into a 36-minute Black Hat conference talk exploring the resurrection of stack-based buffer overflow exploits in modern software. Learn how exception handling mechanisms can be manipulated to bypass stack protection measures like cookies. Discover techniques for control flow hijacking, manipulating local variables, and abusing the chop. Follow along with a comprehensive demonstration and recap of these advanced exploitation methods, breathing new life into previously thwarted attack vectors. Gain insights from security experts Victor Duta, Fabian Freyer, Cristiano Giuffrida, Marius Muench, and Fabio Pagani as they challenge conventional wisdom about software vulnerability mitigation.

Intro
Control Flow Hijacking
Control local variables
Abuse the chop
Summary
Review
Demo
Recap