Dailydave mailing list archives
The WhitePhosphorus Exploit Pack - good enough to steal!
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 24 Jun 2011 11:32:14 -0400
One of the many interesting benefits of tools like Immunity's DEPLIB[1] <http://www.immunitysec.com/downloads/DEPLIB20_ekoparty.pdf> is that you can create a different DEPLIB return into libc chain for each customer you have - or for each time your run your exploit against a target. Or, if someone copies your exploit from Python into Ruby, they are almost always too lazy to change your DEP chain. In the case of Metasploit's bounty program, Abyssec submitted a clear exact copy of WhitePhosphorus <http://www.whitephosphorus.org/>'s exploit to Metasploit: http://dev.metasploit.com/redmine/attachments/1273/mozilla_nstreerange.rb . (It's gone now). Realistically, MSF should probably make all submitters sign legal documents that the code they're submitting is theirs. Otherwise you basically end up getting SCO'd. Immunity is of course, disappointed that Abyssec <https://twitter.com/#%21/abysssec> chose to do this, and whoever gave Abyssec the WhitePhosphorus pack broke the license...something we are currently investigating. But the good news for those of you without the WhitePhosphorus exploit pack is that WhitePhosphorus has released their DEP-defeating chain here: http://www.whitephosphorus.org/sayonara.txt . It's still quite useful. And for those of you who are interested in fantastically awesome exploits, Alex McGeorge did a great WhitePhosphorus movie here: http://www.youtube.com/watch?v=Qiudfp2uWKI . -dave [1] http://www.immunitysec.com/downloads/DEPLIB20_ekoparty.pdf - this is included in Immunity Debugger <http://www.immunitysec.com/products-immdbg.shtml>now!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- The WhitePhosphorus Exploit Pack - good enough to steal! Dave Aitel (Jun 24)