Buffer Overflows, Stack Smashes and Memory Corruption Attacks have been the info sec headline stealers for the better part of 3 decades. Sadly, poor record keeping (and dismal regard for attribution of prior research) has resulted in huge gaps in our "hacker folklore". It has also resulted in several re-inventions of the wheel.
This talk traces the history of memory corruption attacks and defenses, from the Morris Worm of 1988 to the awesome Pointer Inference work published by Blazakis in 2010. We will demonstrate with code samples, live demo's (and pretty pictures) the progression of these attacks, how they work, when they first came to light, and the mitigations that have been developed and deployed to thwart them.
For the most part we focus on the Windows & Linux on the X86 Platform.
thinkst Haroon Meer is a lead researcher at thinkst, an applied research company with a deep focus on Information Security. Haroon has contributed to several books on Penetration Testing and Security and is a regular speaker at both academic and industry conferences around the world. He still doesn't drink Tea or smoke Camels...