Abstract

Browser exploits have taken centre stage as the next wave of practical exploitation of systems. Browsers are quite different in design and offer great flexibility as compared to other binaries, be they client binaries or server binaries. Why have mechanisms such as stack space randomization, non-execute flags, compiler generated protection mechanisms, etc. not been successful in thwarting browser exploits? The answer lies within the design and functionality of browsers in general. This talk touches upon the fundamentals of browser exploitation and how certain concepts can be leveraged to prevent practical exploitation of browsers.