Metasploit mailing list archives
linux 2.6 stack randomization
From: sebastiaan.veenstra at gmail.com (Sebastiaan Veenstra)
Date: Sat, 17 Dec 2005 13:55:46 +0100
Hi,

I've read a bit about some patches today introducing stack randomization into the 2.6 kernel. With these patches, a stack overflowable buffer is located on a different memory address for each invocation of the vulnerable program. Thus, storing shellcode in a stack overflowable buffer and overwriting the return address with the address of the buffer is no longer possible since the buffer is stored on a completely different stack address among subsequent invocations of the program. Even by utilizing a nop sled it's not possible.

How does the metasploit framework anticipate this kind of behavior? Are there any facilities in the new framework to automate the exploitation process in such a situation?

With kind regards,
Sebastiaan
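As an added check (not part of this thread or of Metasploit), the following Python script, which assumes a Linux host with /proc readable, verifies the behaviour described above from the defender's side: it reads the kernel's randomize_va_space setting, checks the per-process ADDR_NO_RANDOMIZE personality flag that can silently turn ASLR off for a program, and spawns a small constructed child several times to confirm that its stack base really lands at a different address on each invocation.

```python
import subprocess
import sys

# ADDR_NO_RANDOMIZE: Linux personality flag that turns ASLR off for one process.
ADDR_NO_RANDOMIZE = 0x0040000

# Constructed child: print the start of its own [stack] mapping from /proc/self/maps.
CHILD_SRC = r"""
import sys
with open('/proc/self/maps') as maps:
    for line in maps:
        if line.rstrip().endswith('[stack]'):
            print(line.split('-')[0])
            sys.exit(0)
sys.exit(1)
"""

def randomize_va_space():
    """Kernel-wide knob: 0 = off, 1 = stack/mmap/vdso, 2 = also brk; None if unreadable."""
    try:
        with open('/proc/sys/kernel/randomize_va_space') as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None

def addr_no_randomize():
    """True if this process has ASLR disabled via personality (e.g. run under setarch -R)."""
    try:
        with open('/proc/self/personality') as f:
            return bool(int(f.read().strip(), 16) & ADDR_NO_RANDOMIZE)
    except (OSError, ValueError):
        return False

def stack_bases(runs=8):
    """Run the child `runs` times; collect the stack base address reported by each run."""
    bases = []
    for _ in range(runs):
        proc = subprocess.run([sys.executable, '-c', CHILD_SRC], capture_output=True, text=True)
        if proc.returncode == 0:
            bases.append(int(proc.stdout.strip(), 16))
    return bases

def stack_is_randomized(runs=8):
    """True if the stack moved between runs, False if fixed, None if /proc was unreadable."""
    bases = stack_bases(runs)
    if not bases:
        return None
    return len(set(bases)) > 1
```

A result of False while randomize_va_space() is non-zero usually means the process (or its parent) was started with ADDR_NO_RANDOMIZE set, which addr_no_randomize() exposes.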
Current thread:
- linux 2.6 stack randomization Sebastiaan Veenstra (Dec 17)
- linux 2.6 stack randomization mmiller at hick.org (Dec 17)
- linux 2.6 stack randomization Tim (Dec 17)
- linux 2.6 stack randomization mmiller at hick.org (Dec 17)