Jonathan Brossard, Conservatoire National des Arts et Métiers, Paris
Assessing the existence, exact impact and exploitability of a known (or theoretical) memory corruption vulnerability in an arbitrary piece of compiled software has arguably not become simpler. The current methodology essentially boils down to writing an exploit - or at least a trigger - for each potential vulnerability. Writing an exploit for a weird machine involves several undecidable steps, starting with overcoming the reachability problem. In this article, we introduce the notions of "libification" and "procedural debugging" to facilitate partial debugging of binaries at the procedural level. These techniques allow the transformation of arbitrary dynamically linked ELF binaries into shared libraries, and the study of memory corruption bugs by directly calling the vulnerable functions, hence separating the memory corruption intraprocedural analysis from the reachability problem. Finally, we publish a framework to implement such a libification under a permissive open-source license to facilitate its adoption within the security community.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
This content is available to:
author = {Jonathan Brossard},
title = {Introduction to Procedural Debugging through Binary Libification},
booktitle = {18th USENIX WOOT Conference on Offensive Technologies (WOOT 24)},
year = {2024},
isbn = {978-1-939133-43-4},
address = {Philadelphia, PA},
pages = {17--25},
url = {https://www.usenix.org/conference/woot24/presentation/brossard},
publisher = {USENIX Association},
month = aug
}