Dailydave mailing list archives

Re: VPC


From: Alexander Sotirov <alex () sotirov net>
Date: Sun, 24 Feb 2008 00:39:58 -0800

On Thu, Feb 21, 2008 at 07:54:05AM -0500, Dave Aitel wrote:
> So in the Microsoft/Immunity/iSec Defend the Flag class here at BlackHat
> Federal, I learned the hard way that VPC moves memory all around and
> your previously great universal addresses don't work. So you'll end up
> trying really hard to find an address that defeats SafeSEH on 2003 SP0
> in 15 minutes or less.

Are you talking about Microsoft Virtual PC or something else? What do you
mean by "moves memory all around"? If you boot 2003 SP0 inside a virtual
machine, the Windows kernel is not magically going to gain ASLR support,
so why wouldn't a universal address work?

Alex
