Automated exploitation of fully randomized executables
Author(s)Gadient, Austin James.
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Martin C. Rinard.
MetadataShow full item record
Despite significant research into their remediation, memory corruption vulnerabilities remain a significant issue today. Attacks created to exploit these vulnerabilities are remarkably brittle due to their dependence on the presence of specific security settings, use of certain compiler toolchains, and the target's environment. I present Marten, a new end-to-end system for automatically discovering, exploiting, and combining information leakage and buffer overflow vulnerabilities to generate exploits that are robust against defenses, compilation decisions, and environment differences. Marten has generated four control flow hijacking exploits and three information leakage exploits. One of the information leakage exploits is generated against a previously undiscovered zero-day vulnerability in Serveez-0.2.2. CVE-2019-16200 has been assigned to this vulnerability. These results highlight Marten's ability to generate robust exploits that bypass modern defenses to download and execute injected code selected by an attacker.
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, February, 2020Cataloged from student-submitted PDF version of thesis. "February 2020."Includes bibliographical references (pages 73-75).
DepartmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Massachusetts Institute of Technology
Electrical Engineering and Computer Science.