Penetration Testing mailing list archives
Re: Penetration of HP/UX
From: Jan Muenther <jan.muenther () nruns com>
Date: Mon, 20 Jun 2011 16:21:13 +0200
Paul's pointed out a lot of important aspects, but one thing to keep in mind, too, are that it also depends on the platform whether a piece of code actually compiles to a memory corruption condition or not. This is particularly true with the more or less recent transition from 32 to 64 bit platforms, where such issues as pointer truncation kick in. Just sayin'. Cheers, Jan
On Jun 19, 2011, at 12:59 AM, michael getachew <michaelhoustong () yahoo com> wrote:also,I get how the shellcodes and all that has to be different but i still fail to understand how a buffer overflow would work on one architecture and fail on another.i am always baffled when i hear a certain vuln/exploit is only on x86 or x86_64. I'm sure there is an explanation to this i just don't know it yet so please enlighten me on the this subject.There are lots of reasons this can be true. An obvious one is the availability of the NX bit in CPUs. X86_64 and others (SPARC, PPC, IA64), support noexec stacks as an instruction bit to the CPU core. Whereas x86 CPUs like P3 and earlier do not. Therefore, simple buffer overflows are highly reliable on older x86 systems because OS features like Windows DEP don't work. Other issues with arch-specific exploitation include differences in registers, instruction size, and stack layout. These create nuances in the exploitability of a vulnerability - like the need for an overflowable buffer to also be in a nested function on Solaris/SPARC in order to be exploitable. Overall I wouldn't say any 1 modern architecture is significantly less exploitable than the others, but not every bug is a vuln on every platform. PaulM ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-- Jan Muenther ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Penetration of HP/UX Philipp Lachberger (Jun 12)
- Re: Penetration of HP/UX AK (Jun 14)
- Re: Penetration of HP/UX Nur Agus (Jun 14)
- Re: Penetration of HP/UX Abuse 007 (Jun 18)
- Re: Penetration of HP/UX michael getachew (Jun 19)
- Re: Penetration of HP/UX Roland Kessler (Jun 19)
- Re: Penetration of HP/UX michael getachew (Jun 19)
- Re: Penetration of HP/UX Paul Melson (Jun 19)
- Re: Penetration of HP/UX AK (Jun 19)
- Re: Penetration of HP/UX Paul Melson (Jun 19)
- Re: Penetration of HP/UX Abuse 007 (Jun 18)
- Re: Penetration of HP/UX Jan Muenther (Jun 23)
- Re: Penetration of HP/UX Philipp Lachberger (Jun 18)
- Re: Penetration of HP/UX Paul Melson (Jun 18)