Conference item icon

Conference item

Gollum: modular and greybox exploit generation for heap overflows in interpreters

Abstract:
We present the first approach to automatic exploit generation for heap overflows in interpreters. It is also the first approach to exploit generation in any class of program that integrates a solution for automatic heap layout manipulation. At the core of the approach is a novel method for discovering exploit primitives—inputs to the target program that result in a sensitive operation, such as a function call or a memory write, utilizing attacker-injected data. To produce an exploit primitive from a heap overflow vulnerability, one has to discover a target data structure to corrupt, ensure an instance of that data structure is adjacent to the source of the overflow on the heap, and ensure that the post-overflow corrupted data is used in a manner desired by the attacker. Our system addresses all three tasks in an automatic, greybox, and modular manner. Our implementation is called GOLLUM, and we demonstrate its capabilities by producing exploits from 10 unique vulnerabilities in the PHP and Python interpreters, 5 of which do not have existing public exploits.
Publication status:
Published
Peer review status:
Peer reviewed

Actions

Access Document

Files:
Publisher copy:
10.1145/3319535.3354224

Authors

More by this author
Institution:
University of Oxford
Oxford college:
Balliol College
Role:
Author
More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Oxford college:
Balliol College
Role:
Author
ORCID:
0000-0002-2462-2782
More by this author
Institution:
University of Oxford
Division:
MPLS Division
Department:
Computer Science
Oxford college:
Magdalen College
Role:
Author


Publisher:
ACM Digital Library
Host title:
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Journal:
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security More from this journal
Pages:
1689-1706
Publication date:
2019-11-06
Acceptance date:
2019-07-31
DOI:
ISBN:
9781450367479


Keywords:
Pubs id:
pubs:1039998
UUID:
uuid:2df77994-1bcf-4ae8-85a1-5619191fe829
Local pid:
pubs:1039998
Source identifiers:
1039998
Deposit date:
2019-08-08
ARK identifier:

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP