查看文章

Sergey Bratus, Sean W Smith

“Weird Machines” in ELF: Page 1 “Weird Machines” in ELF: A Spotlight on the Underappreciated Metadata Rebecca “bx” Shapiro [email protected] Sergey Bratus [email protected] Sean W. Smith [email protected] Dartmouth College WOOT Aug 13, 2013 Page 2 Overview ● History of metadata – In exploitation – In defense ● Motivation: why ELF metadata ● Overview of runtime loading ● Cobbler: ELF metadata-driven computation ● Conclusion Page 3 Our contributions ● Highlight metadata as interesting attack vector ● Built Turing-complete computation environment – ELF metadata → instructions – Runtime loader → machine ● Highlight loader's role in composition & trust Image source: JHU Engineering Magazine Page 4 One of these things is not like the others... ● Trojans/viruses ● SQL injection ● Cross site scripting ● Stack smashing (Aleph One) ● Return-oriented programming …