Yuji Ukai: Environment Dependencies In Windows Exploitation(Japanese) Black Hat Briefings, Japan 2004 [Audio] Presentations From The Security Conference podcast

Nội dung được cung cấp bởi Black Hat and Jeff Moss. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Black Hat and Jeff Moss hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

Black Hat Briefings, Japan 2004 [Audio] Presentations from the security conference
Yuji Ukai: Environment Dependencies in Windows Exploitation(Japanese)

18y ago 41:58

Chia sẻ

MP3•Trang chủ episode

"In the case of vulnerabilities which allow the execution of arbitrary machine code, the reliability of exploitation is swayed by the type of vulnerability, the conditions surrounding the vulnerable code, and the attack vector, among other considerations. The reliability of exploitation an important factor for those attempting to exploit a vulnerability'especially so for worm and virus writers'so therefore it is also an important consideration for the threat analysis of security vulnerabilities. In Japan, some public institutions and non-governmental enterprises are providing detailed information and threat analyses of vulnerabilities, exploits, and worms. Because the majority of the systems in Japan run the Japanese version of Windows, the analysis and consideration of language-specific dependencies are very important factors for both the providers and consumers of such information in Japan, especially in case of the worms. Since one of highest priorities of a worm is to propagate as far as possible, some recent worms have employed techniques that avoid language and version dependencies, such as choosing return addresses that can be used across multiple language versions of Windows. In this presentation, the discussion of detailed and practical techniques to achieve environment independence will be avoided, but, at least understanding the technical overview and potentiality of these techniques is important for both providing proper threat analyses, and understanding them in depth. In Black Hat USA 2004, as part of our threat analysis research, we discussed return address discovery using context-aware machine code emulation'namely, our EEREAP project' which is intended to help prove whether universal return addresses exist. In Black Hat Japan 2004, we will expand on this presentation, and we will both explore the risk factors that aid in the avoidance of language and version dependencies, and show how to mitigate these risks. Yuji Ukai is a researcher and senior software engineer with eEye Digital Security. After completing his Ph.D. in computer science at the National University of Tokushima, he began his employment at an appliance vendor in Japan where he developed embedded operating systems. Over the last several years he has discovered several important security holes affecting various software products (Workstation Service and LSASS for Windows, etc) as well as pioneered new trends in wireless security technologies."

22 tập

#Tech #Blackhat Briefings #Blackhat Japan 2004 #Hacking #Computer #Security #Information Security #InfoSec #Speeches #Presentations #Audio #Tech News #Japan #Jeff Moss #Podcasting