Metasploit mailing list archives
Javascript Shellcode
From: asotirov at determina.com (Alexander Sotirov)
Date: Tue, 20 Feb 2007 19:55:26 -0800
H D Moore wrote:
> Do whatever you can to see this talk, Alex's exploitation methods for client-side exploits are second to none (my heap-fill code is sloppy trash by comparison).

Hah, you should tell this to Dragos, I'm still waiting to find out if the talk was accepted for CanSecWest.

The presentation is about a new technique for precise manipulation of the browser heap layout using specific sequences of JavaScript allocations. I'll release a JavaScript library with functions for setting up the heap in a controlled state before triggering a heap corruption bug. This will allow the exploitation of very difficult heap corruption vulnerabilities with great reliability and precision.

Even if you can't make it to the conference, check out the paper afterwards, it will be worth it.

Alex