Demo of proc/mem attack for full code execution in presence of ideal fine-grained CFI with shadow stacks.

emmaconnor/proc-mem-attack

proc-mem-attack

Demo of proc/mem attack for full code execution in presence of ideal fine-grained CFI with shadow stacks.

Includes an intentionally vulnerable custom Nginx module that models an arbitrary read-and-write memory vulnerability. The proof-of-concept exploit executes arbitrary code in the target process even in the presence of fine-grained CFI with shadow stacks.

For context on how the attack works, see chapter 4 of the paper:

Connor, Richard J. III, "Improved Architectures for Secure Intra-process Isolation." PhD diss., University of Tennessee, 2021. https://trace.tennessee.edu/utk_graddiss/6533
