<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: "Moving" Stack: my poor return address!

Re: "Moving" Stack: my poor return address!

From: Javor Ninov <drfrancky_at_securax.org>
Date: Mon, 28 Aug 2006 20:12:37 +0300

You should look also at http://www.milw0rm.com/papers/55
very good example

--
Javor Ninov aka DrFrancky
drfrancky shift+2 securax.org
list-recv_at_crepinc.com wrote:
> Thanks all for letting me know about stack randomization.
> 
> So is it safe to say that "traditional" stack-based exploits such as in my origianl post are a thing of the past, and current exploit developers use methods like returning into libc to get a shell / etc?
> 
> Thanks again,
> 
> -Jack Carrozzo
> jack   _{@}_   crepinc.com

application/pgp-signature attachment: OpenPGP digital signature

Received on Aug 29 2006

This message: [ Message body ]
Previous message: Stephen Samuel: "Re: Skype API Ap2Ap Stream Creation Flaw"
In reply to: list-recv_at_crepinc.com: "Re: "Moving" Stack: my poor return address!"
Next in thread: Jon Erickson: "Re: "Moving" Stack: my poor return address!"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos