Context: Static Application Data

• Easy to profile if an attacker can reproduce:

• • Application’s operating environment
  • Execution of the target application

• Also easy if the attacker has access to the application executable or linked libraries

• Context-key can be chosen from static values found in the process’s memory

• Can use known locations of static values such as:

• • Environment variables
  • Static strings
  • The application’s executable instructions (.text)