Full Disclosure mailing list archives
Re: Hikaru
From: coderman <coderman () gmail com>
Date: Fri, 21 Dec 2007 18:17:34 -0800
On Dec 21, 2007 5:36 PM, Ben <comsatcat () earthlink net> wrote:
> All, I read a paper last night titled "The Geometry of Innocent Flesh on the Bone" (http://www.cse.ucsd.edu/~hovav/). It described a technique similar to return-into-libc.

yes, this is fun stuff :)

'''
Our thesis: In any sufficiently large body of x86 executable code there will exist sufficiently many useful code sequences that an attacker who controls the stack will be able, by means of the return-into-libc techniques we introduce, to cause the exploited program to undertake arbitrary computation.
'''

10 pts to the first person using this approach to dlopen for full arbitrary execution :)

so which is more useful in practice, NX or ASLR?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/