Dailydave mailing list archives

Re: The sky's downward trajectory

From: "Halvar Flake" <halvar () gmx de>
Date: Tue, 20 Feb 2007 16:57:16 +0100

Correction on the terminology: I might have mis-used the word 'entropy'.

If you consider the number of possible memory states of the process address
space, there are a lot more than 2^8 -- for each DLL, the randomization will
consist of 8 bits, but this already provides for ~2^16 possibilities in the 
case of
two DLLs, and more in other cases.

One should also consider that if a DLL base is randomized and mapped to the
address of an already mapped DLL, it will be relocated, quite possibly 
outside
of any of the 255 addresses that it could've been mapped under by the 
randomisation.

Cheers,
Halvar 

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Re: The sky's downward trajectory, (continued)
- - - Re: The sky's downward trajectory jf (Feb 19)
    - Re: The sky's downward trajectory endrazine (Feb 19)
    - Re: The sky's downward trajectory jf (Feb 19)
    - Re: The sky's downward trajectory Jonathan Wilkins (Feb 19)
    - Re: The sky's downward trajectory Dominique Brezinski (Feb 20)
    - Re: The sky's downward trajectory ol (Feb 20)
    - Re: The sky's downward trajectory ol (Mar 03)
    - Re: The sky's downward trajectory jf (Feb 20)
    - Re: The sky's downward trajectory Jonathan Wilkins (Feb 19)
    - Re: The sky's downward trajectory Halvar Flake (Feb 20)
    - Re: The sky's downward trajectory Halvar Flake (Feb 20)
    - Re: The sky's downward trajectory Alexander Sotirov (Feb 20)
    - Re: The sky's downward trajectory don bailey (Feb 21)
    - Re: The sky's downward trajectory don bailey (Feb 22)
    - Re: The sky's downward trajectory ol (Feb 23)
    - Re: The sky's downward trajectory don bailey (Feb 26)
    - Re: The sky's downward trajectory Dave Aitel (Feb 19)