Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking

Дата: 21.11.2017. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

In kernel-mode, buffer overflows and similar memory corruption issues in the internal logic are usually self-evident and can be detected with a number of static and dynamic approaches. On the contrary, flaws directly related to interactions with user-mode clients tend to be more subtle, and can survive unnoticed for many years, while still providing primitives similar to the classic bugs.

By Mateusz Jurczyk

Full Abstract & Presentation Materials:
https://www.blackhat.com/us-17/briefings.html#bochspwn-reloaded-detecting-kernel-memory-disclosure-with-x86-emulation-and-taint-tracking

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *