Use-after-FreeMail: Generalizing the use-after-free problem and applying it to email services

Daniel Gruss, Michael Schwarz, Matthias Wübbeling, Simon Guggi, Timo Malderle, Stefan More, Moritz Lipp

Research output: Research - peer-review, Conference contribution

Abstract

Use-after-free is a type of vulnerability commonly present in software written in memory-unsafe languages like C or C++, where a program frees a memory buffer too early. By placing counterfeit structures at the freed memory location, an attacker can leak information or gain execution control upon subsequent access. In this paper, we show that the concept of use-after-free can be generalized to any environment and situation where resources can be silently exchanged. As an instance of our generalization we demonstrate Use-After-FreeMail attacks. Use-After-FreeMail attacks gather email addresses from publicly available database leaks. The fully automated quantitative analysis brought to light that 33.5% of all free-mail addresses we tested are not valid anymore. In two user studies with 100 and 31 participants we found that 11-19% of users are affected by our attack. In qualitative case studies we investigated what information can be gained in Use-After-FreeMail attacks, e.g., payment information, and how far currently used accounts can be compromised (identity theft). Finally, drawing the connection between mitigations against traditional use-after-free scenarios and the Use-After-FreeMail scenario, we provide a concise list of recommendations to free-mail providers and users as a protection against use-after-free attacks.

Language: English
Title of host publication: ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
Publisher: Association for Computing Machinery, Inc
Pages: 297-311
Number of pages: 15
ISBN (Electronic): 9781450355766
DOIs: 10.1145/3196494.3196514
Status: Published - 29 May 2018
Event: 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 - Incheon, Korea, Republic of
Duration: 4 Jun 2018 to 8 Jun 2018

Conference

Conference: 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Country: Korea, Republic of
City: Incheon
Period: 4/06/18 to 8/06/18

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Information Systems
  • Computer Networks and Communications

Cite this

Gruss, D., Schwarz, M., Wübbeling, M., Guggi, S., Malderle, T., More, S., & Lipp, M. (2018). Use-after-FreeMail: Generalizing the use-after-free problem and applying it to email services. In ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security (pp. 297-311). Association for Computing Machinery, Inc. DOI: 10.1145/3196494.3196514
