Vulnerability Development mailing list archives
Re: Getting passwords from the heap?
From: ian <cheeken () cs bu edu>
Date: Wed, 27 Jun 2001 20:12:14 -0400
if anyone knows more about the exact workings of memory and page allocation under linux, windows, and other OS's I would be great if they shared...
windows 2000 (and probably NT) have a thread named "the zero page thread" whose responsibility is to zero pages of memory before they are handed to processes via malloc and similar mechanisms. if memory serves me right, this is a requirement for C2 compliance. plus remember there's a difference between virtual vs physical memory. if you're not getting pages with some other process' physical memory backing them (which you shouldn't) you should only get stuff that's accessible to your process anyways, i think ? for much much much more detail than i can possibly summon up after work, consult solomon and russinovich's "inside windows 2000" the chapter on memory management internals, ian
Current thread:
- Getting passwords from the heap? Jason Spence (Jun 26)
- Re: Getting passwords from the heap? Felix von Leitner (Jun 26)
- Re: Getting passwords from the heap? Dennis McHenry (Jun 27)
- Re: Getting passwords from the heap? Jason R. Seats (Jun 27)
- RE: Getting passwords from the heap? Vladimir Kraljevic (Jun 27)
- Re: Getting passwords from the heap? Dennis McHenry (Jun 27)
- Re: Getting passwords from the heap? H D Moore (Jun 26)
- Re: Getting passwords from the heap? Jason Spence (Jun 27)
- Re: Getting passwords from the heap? H D Moore (Jun 27)
- Re: Getting passwords from the heap? Aigars Grins (Jun 27)
- Re: Getting passwords from the heap? Jason Spence (Jun 27)
- Re: Getting passwords from the heap? ian (Jun 28)
- Re: Getting passwords from the heap? Jason Spence (Jun 27)
- Re: Getting passwords from the heap? Felix von Leitner (Jun 26)
- Source code of the Sadmin Worm Cabezon Aurélien [iSecureLabs] (Jun 27)
- <Possible follow-ups>
- RE: Getting passwords from the heap? Michael Wojcik (Jun 27)