Skip to main content

control.rip

Tag: side-channel

Notes: Exploiting Clam AntiVirus in a mail server environment

Simon Scannell’s ClamAV research explores creative heap memory exploitation methods, making it an excellent resource for learning about the topic. Simon also experiments with reusing application functionality to create side-channels. This allows Simon to overcome a significant obstacle: having no direct communication path between ClamAV and the hacker.

Quite frankly, Simon’s use of side-channels is inspiring; it demonstrates the hacker philosophy of being persistent and working in hyper-narrow constraints. In my enthusiasm for Simon’s work, I wrote a summary that ended up becoming a blog post - which I decided to share here. I hope you find this topic as fascinating as I did.