Breaking and Fixing Destructive Code Reads

Destructive code reads (DCR) prevent the attacker from executing code that has been read before. In collaboration with Ruhr-University Bochum, we demonstrated that memory corruption defenses based on DCR can be bypassed regardless of the underlying code randomization scheme. To mitigate such attacks, we also present a novel mitigation technique that protects legacy binaries. In particular, we enforce memory permissions on a byte-granular level allowing us to combine DCR with execute-only memory protection. The results of this research will be published at ACSAC 2017: Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz: Breaking and Fixing Destructive Code Read Defenses. In: Proc. of 33nd Annual Computer Security Applications Conference (ACSAC). 2017.