Dailydave mailing list archives

Re: For those of you that don't know....


From: pageexec () freemail hu
Date: Tue, 14 Dec 2004 00:04:53 +0100

> Potentially you could change the program flow to follow another branch,
> correct? So I could overflow the return address to point to "logmein"
> rather than "logmeoff" or whatever, if I wanted to do so?

you can still change the program flow but you're quite restricted (at
least that's what i gathered from the papers, never looked at the linux
release in detail). whether that's enough to exploit the target or not
is hard to tell without having both the engine and the target at hand.

> Of course, the other issue is self modifying code, etc. Like
> how would you protect a JIT? I wonder what it does with .Net. :>

they don't claim protection on JIT as it's pretty much impossible (that
was my first question to Vladimir back in june when their PR engine had
kicked off ;-).

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
