Practical Data-Only Attack Generation

Brian Johannesmeyer

33rd USENIX Security Symposium · Day 1 · USENIX Security '24

In an era where sophisticated defenses have rendered traditional **control flow hijacking (CFH)** attacks increasingly difficult, a new wave of research is shining a spotlight on **data-only attacks (DOAs)**. This talk, presented by Brian Johannesmeyer in joint work with Aza Herbert and Cristiano from VU Amsterdam, introduces Einstein, a novel tool that automatically generates data-only exploits with surprising ease and effectiveness. Challenging the long-held perception that DOAs are either too application-specific or too complex to pose a practical threat, Einstein demonstrates a scalable approach to uncovering and weaponizing these vulnerabilities.

AI review

Dr. Johannesmeyer's "Einstein" tool shatters the myth that data-only attacks are too complex to be practical, demonstrating automated generation of hundreds of exploits against popular servers. By exposing widespread vulnerabilities rooted in verbatim data copying to sensitive syscalls, this research is a critical wake-up call for the industry to re-evaluate its defense strategies beyond control flow integrity. It's a must-see for anyone serious about real-world application security.
