Dailydave mailing list archives
Re: VPC
From: Alexander Sotirov <alex () sotirov net>
Date: Sun, 24 Feb 2008 00:39:58 -0800
On Thu, Feb 21, 2008 at 07:54:05AM -0500, Dave Aitel wrote:
So in the Microsoft/Immunity/iSec Defend the Flag class here at BlackHat Federal, I learned the hard way that VPC moves memory all around and your previously great universal addresses don't work. So you'll end up trying really hard to find an address that defeats SafeSEH on 2003 SP0 in 15 minutes or less.
Are you talking about Microsoft Virtual PC or something else? What do you mean by "moves memory all around"? If you boot 2003 SP0 inside a virtual machine, the Windows kernel is not magically going to gain ASLR support, so why why wouldn't a universal address work? Alex
Attachment:
_bin
Description:
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: VPC, (continued)
- Re: VPC Joanna Rutkowska (Feb 29)