Monday, May 14, 2012

Simple mitigation method to prevent exploits using function pointer overwriting (for sale)

Some heap overflow exploits overwrite a function pointer (including the C++ vptr).
The function pointer itself cannot be protected effectively.
But exploits using function pointer overwriting can be mitigated effectively under DEP.
If 2 or 3 extra instructions can be executed at each function pointer call,
it is very hard to exploit successfully.

If you are interested in my idea, send mail to ohojang@gmail.com

Sunday, May 13, 2012

Another hardware-based mitigation method like DEP will stop exploits

I think that another hardware-based mitigation method like DEP will stop exploits.

As you know, DEP is "Data Execution Prevention".

And DEP is very efficient.

Is there no other mitigation method to stop exploits?

I have some hints.

If I succeed, I will try to publish at Black Hat 2012... (oops... the CFP ends on 2012.05.15)


Thursday, May 10, 2012

Memory corruption exploits will remain for a while

Modern popular exploit techniques are stack overflow, heap overflow, use-after-free ...

Most people think that overflow is the crucial reason for attacks.

But in my opinion, the crucial reason for attacks is a feature of modern computer architecture.

If modern computer architecture is not changed, memory corruption attacks will remain.

Wednesday, May 9, 2012

Anti-ROP at Compiler Level on x86 (for sale)

Anti-ROP can be achieved with 3 extra instructions per call-ret instruction pair on x86.

These 3 extra instructions must be inserted at compile time by the compiler.

Of course, the 3 extra instructions will cause some performance degradation.

But 3 extra instructions cause only a small performance degradation.

And, theoretically, a bypass method exists.

But it is more difficult to exploit and bypass simultaneously.

So all practical, publicly available ROP exploits are mitigated by this anti-ROP technique.

If you are interested in this idea, send an email to ohojang@gmail.com

Thanks.




Introduction to my blog.

Welcome to my blog.
I am a security researcher and software engineer in South Korea.
I will publish interesting articles about security.
Exploit techniques or vulnerability analysis will be published on my blog freely.
But some ideas for improving security are not free,
because that information may be used by Apple, Google, Microsoft ... for their profit.
So such ideas will be described roughly.

Now, I am seeking an information security job in the US.
I have several good ideas for improving security at system and compiler level.
If you are interested in me, send mail: ohojang@gmail.com