The JIT-spray attack was first demonstrated at BlackHat DC 2010, which revealed the theoretical possibility of bypassing DEP and ASLR in IE8. DSecRG launched its own research into the issue; that effort produced the first public methodology describing in detail how such a shellcode is constructed, and the first public demonstration of a JIT shellcode worldwide.
Since the majority of client-side vulnerabilities are exploited through the browser (usually Internet Explorer), the attack makes it possible to exploit vulnerabilities in well-known client software: antivirus products, bank clients, desktop applications, and clients used to access business applications and ERP systems.
DSecRG pays close attention to client workstation security when analysing bank clients and business applications. To demonstrate that the method works, working exploits were written for vulnerabilities in widely used SAP business applications, as well as for vulnerabilities exploited through Internet Explorer in SAP (the SAPGUI application) and Oracle (the Oracle Document Capture application).
"This research is meant to show that we stick to the latest information security trends around the world and make our contribution to the world lore. The new research in application security enables us to constantly enhance the level of expertise and quality of the performed work in relation to security analysis," noted Alexander Polyakov, Head of the DSecRG Research Lab.
# # #
Digital Security is a leading IT security company in Russia, providing information security consulting, audit and penetration testing services, risk analysis, and ISMS-related services and certification for the ISO/IEC 27001:2005 and PCI DSS standards. Digital Security Research Group focuses on web application and database security problems, with vulnerability reports, advisories and whitepapers posted regularly on our website.