Full Disclosure mailing list archives
Re: Windows .ANI LoadAniIcon Stack Overflow
From: "Jason Areff" <hailtheczar () gmail com>
Date: Mon, 2 Apr 2007 09:26:58 -0500
On 4/2/07, Larry Seltzer <Larry () larryseltzer com> wrote:
LS>Heap spraying implies running code in the heap, JA>Actually, um.. no.. it doesn't My understanding of heap spraying comes from http://blogs.securiteam.com/index.php/archives/638: "...SkyLined's heap spraying techqniue (http://sf-freedom.blogspot.com/2006/07/heap-spraying-internet-exploiter .html) (the concept of this technique is that you inject the nop + shellcode into the heap memory and use some method to trick the eip jump into that heap ..." Sure sounds like running code in the heap to me.
"Heap spraying" is filling the heap with controllable data... This is simply allocating things in the heap. NOT running code. You are trying to say that once you jump into that code via some exploit (NOT part of the heap spraying technique itself) THEN you are "running code in the heap". JA>How do you get to be in that position? Lot's of buzzword-tossing I'd
have to guess. Fuck you too. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ <blocked::http://security.eweek.com/> http://blog.eweek.com/blogs/larry%5Fseltzer/ <http://blog.eweek.com/blogs/larry_seltzer/> <http://blog.ziffdavis.com/seltzer> Contributing Editor, PC Magazine larryseltzer () ziffdavis com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Windows .ANI LoadAniIcon Stack Overflow, (continued)
- Re: Windows .ANI LoadAniIcon Stack Overflow ad () heapoverflow com (Apr 01)
- Re: Windows .ANI LoadAniIcon Stack Overflow ad () heapoverflow com (Apr 01)
- Re: Windows .ANI LoadAniIcon Stack Overflow -> Its ok, its in IE Protected Mode Haroon Meer (Apr 01)
- Re: Windows .ANI LoadAniIcon Stack Overflow Dave Aitel (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 01)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Thierry Zoller (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Jason Areff (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Jason Areff (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Morning Wood (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Thierry Zoller (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Thierry Zoller (Apr 02)
- Message not available
- Re: Windows .ANI LoadAniIcon Stack Overflow Thierry Zoller (Apr 02)
- Message not available
- Message not available
- Re: Windows .ANI LoadAniIcon Stack Overflow Michele Cicciotti (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow George Ou (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow George Ou (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 02)