Introduction
VTable reuse attack is a novel exploitation technique in recent academic work. I think it is time to give a short series of posts on VTable reuse attacks including academic papers, more details on VTable and VTable reuse attacks based on existing CVE.
Plan
Academic Paper:
Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications
A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level
VFGuard: Strict Protection for Virtual Function Calls in COTS C++ Binaries
VTable Details:
VTable structure and constructor function
VTable Reuse Attack on Existing CVE:
CVE-2016-9079
Conclusion
VTable reuse attack is a very interesting topic. Hope that I can expand this topic in my following posts. This post can serve as a summary for those who are interested in vtable reuse attack.