Vulnerability Development mailing list archives

Re: "Moving" Stack: my poor return address!

From: Javor Ninov <drfrancky () securax org>
Date: Mon, 28 Aug 2006 20:12:37 +0300

You should look also at http://www.milw0rm.com/papers/55
very good example

--
Javor Ninov aka DrFrancky
drfrancky shift+2 securax.org


list-recv () crepinc com wrote:

Thanks all for letting me know about stack randomization.

So is it safe to say that "traditional" stack-based exploits such as in my origianl post are a thing of the past, and 
current exploit developers use methods like returning into libc to get a shell / etc?

Thanks again,

-Jack Carrozzo
jack   _{@}_   crepinc.com

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

"Moving" Stack: my poor return address! Jack C (Aug 01)
- Re: "Moving" Stack: my poor return address! Andrea Purificato - bunker (Aug 02)
- Re: "Moving" Stack: my poor return address! Alexander Klimov (Aug 02)
- Re: "Moving" Stack: my poor return address! Steve Bonds (Aug 02)
- Re: "Moving" Stack: my poor return address! Jon Erickson (Aug 02)
- <Possible follow-ups>
- Re: "Moving" Stack: my poor return address! list-recv (Aug 02)
  - RE: "Moving" Stack: my poor return address! salexander (Aug 02)
  - Re: "Moving" Stack: my poor return address! Javor Ninov (Aug 29)