Automated exploitation of fully randomized executables
Download1203138667-MIT.pdf (688.2Kb)
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Martin C. Rinard.
Terms of use
Metadata
Show full item recordAbstract
Despite significant research into their remediation, memory corruption vulnerabilities remain a significant issue today. Attacks created to exploit these vulnerabilities are remarkably brittle due to their dependence on the presence of specific security settings, use of certain compiler toolchains, and the target's environment. I present Marten, a new end-to-end system for automatically discovering, exploiting, and combining information leakage and buffer overflow vulnerabilities to generate exploits that are robust against defenses, compilation decisions, and environment differences. Marten has generated four control flow hijacking exploits and three information leakage exploits. One of the information leakage exploits is generated against a previously undiscovered zero-day vulnerability in Serveez-0.2.2. CVE-2019-16200 has been assigned to this vulnerability. These results highlight Marten's ability to generate robust exploits that bypass modern defenses to download and execute injected code selected by an attacker.
Description
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Thesis: S.M., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, February, 2020 Cataloged from student-submitted PDF version of thesis. "February 2020." Includes bibliographical references (pages 73-75).
Date issued
2020Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.