The Oracle/Sun Java Runtime Environment (JRE) is widely viewed by security researchers as one of the weakest links in the proverbial chain. That said, the exploitation of memory corruption vulnerabilities within the JRE is not always straightforward. This talk will focus on a collection of techniques to overcome potential issues that one may face while developing exploits against memory corruption vulnerabilities within the JRE. The talk concludes with a demonstration of the techniques as used on a selection of contrived and real-world vulnerabilities.
Joshua J. Drake, a senior research consultant with Accuvant LABS, focuses on original research in areas such as vulnerability discovery and analysis, exploitation technologies, and reverse engineering. Joshua has over 10 years of experience in the information security field. Prior to joining Accuvant, Joshua served as the lead exploit developer for the Metasploit team at Rapid7. In that role, he analyzed and successfully exploited numerous publicly disclosed vulnerabilities in widely deployed software such as Exim, Samba, Microsoft Windows, Office, and Internet Explorer. Prior to that, Joshua spent four years at VeriSign’s iDefense Labs conducting research, analysis, and coordinated disclosure of hundreds of unpublished vulnerabilities.