Vulnerability Development mailing list archives

RE: Thwarting /bin/bash, an anti-overflow concept ?
From: "Altheide, Cory B." <AltheideC () nv doe gov>
Date: Wed, 7 Jan 2004 08:56:37 -0800

-----Original Message-----
From: Alex Schütz [mailto:antitrack_legend () chello at] 
Sent: Wednesday, January 07, 2004 4:40 AM
To: vuln-dev
Subject: Thwarting /bin/bash, an anti-overflow concept ?



Dear Vuln-Dev's,

Recently I had a simple idea about preventing hack attacks. Most buffer
overflows are pretty happy calling /bin/bash as a final means to get an
unauthorized root shell.
 
...

Thinking this farther, we are going to force the exploit developer to bring
along his own binary code of /bin/bash. This may not be possible in every
case, since the buffer overflow cannot hold so much data.


I think you are mistakenly stuck on bash.

One could easily embed something like Tiny shell:
http://linux.tucows.com/preview/306138.html (or similar) into the exploit
post-overflow and achieve the same effect.

Please don't be angered or offended if I've overlooked something in your
post. ;)

Thanks!

Cory Altheide
Senior Network Forensics Specialist
NNSA Information Assurance Response Center (IARC)
altheidec () nv doe gov

