Weird machines, exploitability, and provable unexploitability
IEEE Transactions on Emerging Topics in Computing (IF 5.9), Pub Date: 2020-04-01, DOI: 10.1109/tetc.2017.2785299
Thomas Dullien

The concept of exploit is central to computer security, particularly in the context of memory corruptions. Yet, in spite of the centrality of the concept and voluminous descriptions of various exploitation techniques or countermeasures, a good theoretical framework for describing and reasoning about exploitation has not yet been put forward. A body of concepts and folk theorems exists in the community of exploitation practitioners; unfortunately, these concepts are rarely written down or made sufficiently precise for people outside of this community to benefit from them. This paper clarifies a number of these concepts, provides a clear definition of exploit, a clear definition of the concept of a weird machine, and how programming of a weird machine leads to exploitation. The paper also shows, somewhat counterintuitively, that it is feasible to design some software in a way that even powerful attackers—with the ability to corrupt memory once—cannot gain an advantage. The approach in this paper is focused on memory corruptions. While it can be applied to many security vulnerabilities introduced by other programming mistakes, it does not address side channel attacks, protocol weaknesses, or security problems that are present by design.

Updated: 2020-04-01