USENIX Security '20 - Everything Old is New Again: Binary Security of WebAssembly
Everything Old is New Again: Binary Security of WebAssembly
Daniel Lehmann, University of Stuttgart; Johannes Kinder, Bundeswehr University Munich; Michael Pradel, University of Stuttgart
WebAssembly is an increasingly popular compilation target designed to run code in browsers and on other platforms safely and securely, by strictly separating code and data, enforcing types, and limiting indirect control flow. Still, vulnerabilities in memory-unsafe source languages can translate to vulnerabilities in WebAssembly binaries. In this paper, we analyze to what extent vulnerabilities are exploitable in WebAssembly binaries, and how this compares to native code. We find that many classic vulnerabilities which, due to common mitigations, are no longer exploitable in native binaries, are completely exposed in WebAssembly. Moreover, WebAssembly enables unique attacks, such as overwriting supposedly constant data or manipulating the heap using a stack overflow. We present a set of attack primitives that enable an attacker (i) to write arbitrary memory, (ii) to overwrite sensitive data, and (iii) to trigger unexpected behavior by diverting control flow or manipulating the host environment. We provide a set of vulnerable proof-of-concept applications along with complete end-to-end exploits, which cover three WebAssembly platforms. An empirical risk assessment on real-world binaries and SPEC CPU programs compiled to WebAssembly shows that our attack primitives are likely to be feasible in practice. Overall, our findings show a perhaps surprising lack of binary security in WebAssembly. We discuss potential protection mechanisms to mitigate the resulting risks.
View the full USENIX Security '20 program at https://www.usenix.org/conference/usenixsecurity20/technical-sessions
Video: USENIX Security '20 - Everything Old is New Again: Binary Security of WebAssembly, from the USENIX channel