Bugtraq mailing list archives
RE: Preventing exploitation with rebasing
From: "Jason Coombs" <jasonc () science org>
Date: Tue, 4 Feb 2003 11:47:58 -1000
Three different rebasing scenarios: (1) other people's compiled code (2) other people's source code (3) your own code Points: A. There are better things to do in the case of (2) and (3) than rebase the binary. B. In the case of (1) rebasing offers some value in certain circumstances, particularly if you have access to the source (2) -- in which case point A applies and you shouldn't bother with rebasing somebody else's binary. Rebase the entire build, and throw in a boatload of NOPs and other spaghetti. The less predictable your binaries are from the perspective of a remote attacker, the better. C. Remember the threat: uncontrolled/arbitrary remote procedure calls. Don't let them happen in the first place. Authenticate every caller. Filter and block all anonymous callers. Stop the bits from entering your box (or process space) in the first place. D. Don't allow compiled code to execute on your box unless it has been authorized to execute in advance based on its hash code. E. If code is vulnerable, don't use it. Jason Coombs jasonc () science org
Current thread:
- RE: Preventing exploitation with rebasing Anonymous (Feb 04)
- <Possible follow-ups>
- Preventing exploitation with rebasing David Litchfield (Feb 05)
- Re: Preventing exploitation with rebasing sd (Feb 04)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 04)
- Re: Preventing exploitation with rebasing Eugene Tsyrklevich (Feb 04)
- Re: Preventing exploitation with rebasing Torbjörn Hovmark (Feb 04)
- Re: Preventing exploitation with rebasing dullien (Feb 05)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 04)
- Re[2]: Preventing exploitation with rebasing dullien (Feb 04)
- RE: Preventing exploitation with rebasing Jason Coombs (Feb 04)
- Re: Preventing exploitation with rebasing sd (Feb 04)
- Re: Preventing exploitation with rebasing Charlie Root (Feb 05)
- Re: Preventing exploitation with rebasing David Litchfield (Feb 05)
- Re: [VulnDiscuss] Re: Preventing exploitation with rebasing Halvar Flake (Feb 05)
- Re: Preventing exploitation with rebasing Brian Hatch (Feb 05)
- Re: Preventing exploitation with rebasing Alan DeKok (Feb 05)
- Re: Can't Preventing exploitation with rebasing bugtraq (Feb 05)
- Re[2]: Can't Preventing exploitation with rebasing dullien (Feb 05)
- Observation on randomization/rebiasing... Nicholas Weaver (Feb 05)
- RE: Observation on randomization/rebiasing... Jason Coombs (Feb 05)
- Re: Preventing exploitation with rebasing Crispin Cowan (Feb 05)