Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Symlink vulnerabilities

From: xD 0x41 <secn3t () gmail com>
Date: Wed, 26 Oct 2011 10:34:30 +1100
and, this is pwning nothing :)


On 26 October 2011 10:29, <Valdis.Kletnieks () vt edu> wrote:


On Wed, 26 Oct 2011 09:56:24 +1100, xD 0x41 said:


You can make it bypass Aslr ?


Nope. It can't, because ASLR doesn't enter into the picture. But then, *who
cares*?  Are you going to make it make it through a passport check too?
Because
that's as relevant to this exploit as ASLR is.


It still must bypass atleast ASLR on vanilla to be called a real poc,and

be

No. It has to pwn the target.  If it does so without bothering to do
anything that
requires ASLR bypass doesn't matter.

Or are you also going to insist that anybody breaking into your house has
to do
so by picking the big shiny lock on the front door that says ASLR, and
they're
not allowed to use a window, or an air conditioning vent, or a skylight, or
that old coal chute leading into the basement, or mail you a package that
opens
itself inside the house to reveal a robot that opens the front door from
the
inside, or social engineering you to demonstrate the awesomeness of the
lock,
and sneaking in while the door is open, or....

tl;dr: "Bypass ASLR" isn't the metric for an exploit. pwnage is.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: