Home page logo

metasploit logo Metasploit mailing list archives

Javascript Shellcode
From: asotirov at determina.com (Alexander Sotirov)
Date: Tue, 20 Feb 2007 19:55:26 -0800

H D Moore wrote:
Do whatever you can to see this talk, Alex's exploitation methods for 
client-side exploits are second to none (my heap-fill code is sloppy 
trash by comparison).

Hah, you should tell this to Dragos, I'm still waiting to find out if the talk
was accepted for CanSecWest.

The presentation is about a new technique for precise manipulation of the
browser heap layout using specific sequences of JavaScript allocations. I'll
release a JavaScript library with functions for setting up the heap in a
controlled state before triggering a heap corruption bug. This will allow the
exploitation of very difficult heap corruption vulnerabilities with great
reliability and precision.

Even if you can't make it to the conference, check out the paper afterwards, it
will be worth it.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]