Description: Exploiting the Forest with Trees
One of the most difficult aspects of securing a protocol implementation is simply bounding the scope of the attack surface: how do you tell where attacks are likely to crop up? Historically, variations between implementations have led to some of the most successful attack techniques -- from simple TCP "Christmas tree" packets to last year's multiple break of the X.509 certificate authority system (by these speakers). But without access to all the relevant source code, how can developers identify potential sources of exploitable variations in behavior? In this presentation, we go beyond the accumulated wisdom of "best practices" and demonstrate a quantitative technique for minimizing inconsistent behavior between implementations. We will also show how this technique can be used from an attacker's perspective. Last year we showed you how to break X.509; this year, we will show you how we found those vulnerabilities and how the same techniques can be used to discover multiple novel 0-days in any vulnerable protocol implementation.
Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , blackhat10 , blackhat-2010 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.