Confidence - (28-29.05 2013 Krakow)

Julian Bangert

Julian Bangert is a junior studying computer science at Dartmouth College. When he is not working on new defence mechanisms or dropping off waterfalls in his kayak, he is a neighbourly cowboy in the ranges of Northern Appalachia, capturing specimens for his professor Sergey Bratus's weird machine zoo.

Presentation topic 1: Any Input Is a Program: Weird Machines in ABI and architecture metadata

Speakers: Julian Bangert, Sergey Bratus, Rebecca “bx” Shapiro

Presentation language: English

Complex enough input to a complex enough system can have effects indistinguishable from a native program for that system. A sufficiently complex input format may become “byte code” for a kind of virtual machine within the software that handles it; in many classic exploit programming techniques, data is the program that runs on the code. We will show two examples of this that aren’t exploits as such, but show Turing-complete programming by kinds of data that are hardly ever given a second glance: (1) ELF binary format headers with nothing but well-formed relocation and dynamic symbol entries (executed by the runtime linker-loader), and (2) x86 memory and interrupt descriptor tables (executed by the CPU page fault handling and context switching logic, without any instructions being successfully dispatched).

If these data formats can hide a Turing-complete computation, what about all the other, more complex “feature-rich” ones? What makes a format lend itself to being an equivalent of an instruction set? Can looking for “weird machines” help design trustworthy systems? Join us for the talk and discussion of this weird research direction!

Presentation topic 2: ELF Eccentricities

Speakers: Julian Bangert, Sergey Bratus

Presentation language: English

Bx has demonstrated how to build a Turing machine out of well-formed relocations and symbols of the ELF binary format. Other aspects of the format can be just as twisted. From a language-theoretic standpoint, the ELF format is very context-sensitive: much metadata is stored redundantly, and interesting things can happen when metadata is inconsistent. Furthermore, we believe these dependencies are one of the reasons ELF binary manipulation tools are so hard to get right, and we will present a work-in-progress framework in the style of ERESI’s elfsh that takes care of metadata consistency for modified binaries and parsing inconsistencies for untrusted binaries.
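
One redundancy of the kind this abstract describes, shown as an added example (it is not the speakers' framework or code from the talk): an ELF file describes its dynamic table twice, once in the PT_DYNAMIC program header that the runtime loader follows and once in the SHT_DYNAMIC section header that section-oriented tools read. The function names and the headers-only sample file below are constructed for illustration, and only little-endian ELF64 is handled.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # Elf64_Ehdr, 64 bytes
PHDR = struct.Struct("<IIQQQQQQ")           # Elf64_Phdr, 56 bytes
SHDR = struct.Struct("<IIQQQQIIQQ")         # Elf64_Shdr, 64 bytes
PT_DYNAMIC, SHT_DYNAMIC = 2, 6

def table(data, off, count, st):
    """Unpack `count` fixed-size entries, refusing tables that run past EOF."""
    if off + count * st.size > len(data):
        raise ValueError("header table extends past end of file")
    return [st.unpack_from(data, off + i * st.size) for i in range(count)]

def dynamic_mismatches(data):
    """List fields where the segment view and section view of the dynamic table differ."""
    if len(data) < EHDR.size or data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    eh = EHDR.unpack_from(data)
    phoff, shoff, phentsize, phnum, shentsize, shnum = eh[5], eh[6], eh[9], eh[10], eh[11], eh[12]
    if phentsize != PHDR.size or shentsize != SHDR.size:
        raise ValueError("unexpected header entry size")
    segs = [p for p in table(data, phoff, phnum, PHDR) if p[0] == PT_DYNAMIC]
    secs = [s for s in table(data, shoff, shnum, SHDR) if s[1] == SHT_DYNAMIC]
    if len(segs) != 1 or len(secs) != 1:
        return [f"{len(segs)} PT_DYNAMIC segment(s), {len(secs)} SHT_DYNAMIC section(s)"]
    # Loader view: p_offset, p_vaddr, p_filesz. Tool view: sh_offset, sh_addr, sh_size.
    seg = {"offset": segs[0][2], "vaddr": segs[0][3], "size": segs[0][5]}
    sec = {"offset": secs[0][4], "vaddr": secs[0][3], "size": secs[0][5]}
    return [f"{k}: segment={seg[k]:#x} section={sec[k]:#x}" for k in seg if seg[k] != sec[k]]

def sample(sec_offset):
    """Constructed headers-only file: one PT_DYNAMIC segment, a null and a SHT_DYNAMIC section."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    eh = EHDR.pack(ident, 3, 62, 1, 0, 64, 120, 0, 64, 56, 1, 64, 2, 0)
    ph = PHDR.pack(PT_DYNAMIC, 6, 0x200, 0x1200, 0x1200, 0x40, 0x40, 8)
    sh = bytes(64) + SHDR.pack(0, SHT_DYNAMIC, 3, 0x1200, sec_offset, 0x40, 0, 0, 8, 16)
    return eh + ph + sh

if __name__ == "__main__":
    print(dynamic_mismatches(sample(0x200)))   # consistent views
    print(dynamic_mismatches(sample(0x300)))   # section header points elsewhere
```

A file that reports a mismatch here is one where a loader and a section-based analysis tool would look at different bytes for the same table, which is worth flagging before trusting either view of an untrusted binary.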