Full Disclosure mailing list archives
Re: Bypassing the new /GS protection in VC++ 7.1
From: Valdis.Kletnieks () vt edu
Date: Fri, 19 Aug 2005 00:38:24 -0400
On Fri, 19 Aug 2005 12:17:25 +0800, leaf said:
> Hey, Buffer overflows will be harder and harder. Maybe game is over.
The game will never be over. The best you can hope for is to find a cost-effective way to raise the bar high enough to keep the likelihood that you'll get hacked down to an acceptable level.

Hint - the /GS code is based on an assumption regarding the behavior of the code. What is it assuming, and what possible end-runs can you come up with? (For example, if the feature is based on a 'canary' value remaining intact, you want to look for ways to totally overshoot the canary and overlay something beyond it...)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
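Added example, not part of the original message and not Microsoft's /GS code: a small C model of the assumption the reply points at, namely that a canary check only inspects the canary slot and only runs in the function epilogue. The frame layout, sizes, constants and the names `run_frame` and `canary_intact` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a stack frame, low to high addresses:
   [ buf 16 ][ canary 8 ][ saved return 8 ][ caller data 8 ]
   Layout and sizes are assumptions, not the real /GS frame layout. */
enum { BUF_OFF = 0, BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24,
       BEYOND_OFF = 32, FRAME_LEN = 40 };
#define CANARY_VALUE 0x5AFEC0DE12345678ULL   /* constructed constant */
#define BEYOND_VALUE 0x1111111111111111ULL   /* constructed constant */

enum outcome { CLEAN, DETECTED_AT_RETURN, CORRUPT_DATA_USED_BEFORE_CHECK };

static uint64_t load64(const unsigned char *f, size_t off) {
    uint64_t v; memcpy(&v, f + off, sizeof v); return v;
}
static void store64(unsigned char *f, size_t off, uint64_t v) {
    memcpy(f + off, &v, sizeof v);
}

/* Epilogue check: the only thing it inspects is the canary slot. */
static int canary_intact(const unsigned char *f) {
    return load64(f, CANARY_OFF) == CANARY_VALUE;
}

/* Models a function that copies `len` bytes into buf with no bounds check
   (clamped to the model frame so the simulation itself stays in bounds).
   If `reads_beyond_before_return` is set, the function consumes the caller
   data slot before its epilogue runs. */
enum outcome run_frame(size_t len, int reads_beyond_before_return) {
    unsigned char frame[FRAME_LEN] = {0};
    store64(frame, CANARY_OFF, CANARY_VALUE);
    store64(frame, BEYOND_OFF, BEYOND_VALUE);

    if (len > FRAME_LEN) len = FRAME_LEN;
    memset(frame + BUF_OFF, 'A', len);           /* the unchecked copy */

    if (reads_beyond_before_return &&
        load64(frame, BEYOND_OFF) != BEYOND_VALUE)
        return CORRUPT_DATA_USED_BEFORE_CHECK;   /* check has not run yet */

    return canary_intact(frame) ? CLEAN : DETECTED_AT_RETURN;
}

int main(void) {
    printf("%d %d %d\n", run_frame(16, 1), run_frame(40, 0), run_frame(40, 1));
    return 0;
}
```

In this model the canary catches every overrun by the time the function returns; the one case it does not cover is data past the canary that is consumed before the epilogue, which is why the bounds check on the copy itself remains the fix.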