- AnC - an attack that can fully derandomize ASLR from JavaScript without relying on any software feature https://www.vusec.net/projects/anc/ 31 comments netsec
Linking pages
- New ASLR-busting JavaScript is about to make drive-by exploits much nastier | Ars Technica https://arstechnica.com/security/2017/02/new-aslr-busting-javascript-is-about-to-make-drive-by-exploits-much-nastier/ 60 comments
- Hardening C/C++ Programs Part II – Executable-Space Protection and ASLR – Productive C++ http://www.productive-cpp.com/hardening-cpp-programs-executable-space-protection-address-space-layout-randomization-aslr/ 29 comments
- A Chip Flaw Strips Away a Key Hacking Safeguard for Millions of Devices | WIRED https://www.wired.com/2017/02/flaw-millions-chips-strips-away-key-hacking-defense-software-cant-fully-fix/ 7 comments
- A Chip Flaw Strips Away a Key Hacking Safeguard for Millions of Devices | WIRED https://www.wired.com/2017/02/flaw-millions-chips-strips-away-key-hacking-defense-software-cant-fully-fix/?mbid=social_fb 0 comments
- articles/article.md at master · lattera/articles · GitHub https://github.com/lattera/articles/blob/master/infosec/Exploit%20Mitigations/ASLR/2017-02-15_anc/article.md 0 comments
- JavaScript Attack Breaks ASLR on 22 CPU Micro-Architectures https://www.bleepingcomputer.com/news/security/javascript-attack-breaks-aslr-on-22-cpu-architectures/ 0 comments
Linked pages
Would you like to stay up to date with Web Development? Checkout Web Development
Weekly.