By: Georg Wicherski, Alexandru Radocea & Alex Ionescu
A shiny and sparkling way to break user-space ASLR, kernel ASLR and even find driver bugs! Understanding how a specific Operating System organizes its Page Tables allow you to find your own ASLR bypasses and even driver vulnerabilities. We will drop one 0day Android ASLR bypass as an example; you can then break all your other expensive toys yourself. Page Tables are the data structures that map between the virtual address space your programs see to the actual physical addresses identifying locations on your physical RAM chips. We will visualize these data structures for:
Windows 8 on x86_64
Windows 8 RT on ARMv7
Linux 3.8 on x86_64
Linux 3.4 on ARMv7 alias Android 4.2
XNU on x86_64 alias OS X
XNU on ARMv7 alias iOS
Besides showing pretty pictures, we will actually explain what they show and how to interpret commonalities and differences across the same kernel on different architectures.
By comparing the page table state on the same architecture across different runs, we will identify static physical mappings created by drivers, which can be useful for DMA attacks (think FireWire or Thunderbolt forensics). Static virtual mappings are even more interesting and can be used for (K)ASLR bypasses.
To make a final point, that this is not only nice to look at, we will show how we found a mitigated Android 4.0.x generic user-space ASLR bypass. For those interested in actually owning targets, we will show an Android 4.2.2 generic user-space ASLR bypass that also affects other latest Linux/ARM kernels.
Xem thêm bài viết khác: https://baogiaxevn.com/tong-hop/
Xem thêm Bài Viết:
- Vị trí khu đô thị Lakeview City có gì đắt giá – xem ngay!
- SIMPLE LAZY CLEANING LIFE HACKS AND TRICKS || DIY Best Funny Home Organization Ways By 123 GO! BOYS
- Hack PUBG Mobile Game Possible ?? – The Shocking Reality😡😡Every PUBG User Must Know
- Free Fire Diamond Hacker & Auto Headshot Hacker Player – Garena Free Fire
- TIK TOK AUTO FOLLOWER LIKES HACK IN 1 CLICK | INCREASE LIKES ON MUSICALLY IN HINDI NEW TRICK 2018