Dailydave mailing list archives

From AC re execshield


From: Dave Aitel <dave () immunityinc com>
Date: Mon, 20 Nov 2006 10:56:09 -0500

Andrew Cushman sent the following, but from a slightly different
address than the one he is subscribed under, so the moderator didn't
see it:

His talk was "New Ways to Attack Applications of Operating Systems under
Execshield". His talk focused on remote exploitation and subverting
execshield on Fedora v3, 4, and 5, mostly using format string vulns. He
got around the non-executable stack and heap DiD mitigations as well as
PIE randomization - using return to library and brute force.

http://x82.inetcop.org/poc.ZIP

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

