Bugtraq mailing list archives
Re: Preventing exploitation with rebasing
From: Eugene Tsyrklevich <eugene () securityarchitects com>
Date: Tue, 4 Feb 2003 03:34:32 -0800
Rebasing ******* The problem with operating systems is that they all have pretty much the same "genetic code" which makes each and every one of them vulnerable to a new exploit. So we need to make them different and this can be achieved through rebasing. Rebasing is the process of changing the Image Base of an image file. By doing this the DLL/EXE is loaded into a different location in the virtual address space.
Similar idea, applied to the location of stack, was implemented in OpenBSD. This is from OpenBSD CVS (August 2001): "Add a possibility to add a random offset to the stack on exec. This makes it slightly harder to write generic buffer overflows. This doesn't really give any real security, but it raises the bar for script-kiddies and it's really cheap. The range of the random offsets is controlled by the sysctl kern.stackgap_random (must be a power of 2)." http://www.openbsd.org/cgi-bin/cvsweb/src/sys/kern/kern_exec.c.diff?r1=1.54&r2=1.55
Current thread:
- RE: Preventing exploitation with rebasing Anonymous (Feb 04)
- <Possible follow-ups>
- Preventing exploitation with rebasing David Litchfield (Feb 05)
- Re: Preventing exploitation with rebasing sd (Feb 04)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 04)
- Re: Preventing exploitation with rebasing Eugene Tsyrklevich (Feb 04)
- Re: Preventing exploitation with rebasing Torbjörn Hovmark (Feb 04)
- Re: Preventing exploitation with rebasing dullien (Feb 05)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 04)
- Re[2]: Preventing exploitation with rebasing dullien (Feb 04)
- RE: Preventing exploitation with rebasing Jason Coombs (Feb 04)
- Re: Preventing exploitation with rebasing sd (Feb 04)
- Re: Preventing exploitation with rebasing Charlie Root (Feb 05)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 05)
- Re: [VulnDiscuss] Re: Preventing exploitation with rebasing Halvar Flake (Feb 05)
- Re: Preventing exploitation with rebasing Brian Hatch (Feb 05)
- Re: Preventing exploitation with rebasing Alan DeKok (Feb 05)