Metasploit mailing list archives

ms06-040 ETA?


From: rhyskidd at gmail.com (Rhys Kidd)
Date: Thu, 10 Aug 2006 11:25:34 +0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


As you may know, a means of circumventing Hardware DEP has been published,
http://www.uninformed.org/?v=2&a=4 by skape and Skywing.

/GS protection is different (for a quick rundown see:
http://www.developer.com/net/cplus/article.php/3417861). David Litchfield
presented on stack protection bypassing at BH-03; there are slides for that if
you're interested, showing some generic methods of bypassing /GS and the
stack cookie it creates.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)

iD8DBQFE2qct7oK/a/NHBvIRAvxDAJwKFCwXMPQ7LlM5a8mHTRYLy3lf8QCfY7JN
mRZZykDB3TRkgIfIfRHaQCM=
=hgQN
-----END PGP SIGNATURE-----



