Dailydave: Re: relro, aslr & stuff

Re: relro, aslr & stuff

From: Joel Eriksson <je_at_bitnux.com>
Date: Wed, 18 Apr 2007 09:41:07 +0200

On Tue, Apr 17, 2007 at 03:02:32PM +0200, Sebastian Krahmer wrote:
>
> Yo,
>
> For those who are in Linux exploitation:
>
> http://c-skills.blogspot.com/2007/04/relro.html

On a related note:

---
/*
 * 0xbadc0ded.org Challenge #02 (2003-07-08)
 *
 * Joel Eriksson <je_at_0xbadc0ded.org>
 */
#include <string.h>
#include <stdlib.h>
#include <stdio.h>

unsigned long val = 31337;
unsigned long *lp = &val;

int main(int argc, char **argv)
{
        unsigned long **lpp = &lp, *tmp;
        char buf[128];

        if (argc != 2)
                exit(1);

        strcpy(buf, argv[1]);

        if (((unsigned long) lpp & 0xffff0000) != 0x08040000)
                exit(2);

        tmp = *lpp;
        **lpp = (unsigned long) &buf;
        *lpp = tmp;

        exit(0);
}
---

I knew the technique would turn out to be useful someday. ;)

> l8er,
> Sebastian

-- 
Best Regards,
Joel Eriksson
CTO Bitsec AB
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Apr 18 2007