Ben HawkesAug 2, 2023

New Isosceles blog: https://blog.isosceles.com/an-introduction-to-exploit-reliability/

"An Introduction to Exploit Reliability" is a short, high-level overview of exploit reliability from a defensive point-of-view. What is exploit reliability? What can defenders do to make writing a reliable exploit harder?

An Introduction to Exploit Reliability

Earlier this year I was invited to give a talk at University of California San Diego (UCSD) for Nadia Heninger's CSE 127 ("Intro to Computer Security"). I chose to talk about modern exploit development, stepping through the process of finding and exploiting some of the memory corruption bugs that the

Isosceles Blog
Show threadSamuel Groß
@hawkes Great post! One of the goals of the V8 Sandbox (https://docs.google.com/document/d/1FM4fQmIhEqPG8uGp5o9A-mnPB5BOeScZYpkHjo0KKA8/edit?usp=sharing) is to eventually force attackers to exploit a second, less reliable memory corruption bug to get out of the V8 sandbox after the initial, usually extremely reliable V8 exploit.
V8 Sandbox - High-Level Design Doc

V8 Sandbox Aka. “Ubercage” Author: saelo@ First Published: July 2021 Last Updated: July 2022 Status: Living Doc Visibility: PUBLIC This document is part of the V8 Sandbox Project and covers the high-level design of the sandbox. Summary Objective: build a low-overhead, in-process sandbox for V8. ...

Google Docs
Aug 4, 2023 at 2:07pmWeb