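Subject: An article about attacks caused by memory overflow -- yueyu
This paper is very interesting, and also very useful.
Let us ask ourselves honestly: how many of us have truly considered the security of our code? How many of us have code that could withstand scrutiny by security experts?
I remember reading papers on secure code in the past, breaking into a cold sweat as I read. I thought I was already nerdy enough, but there is always a higher mountain beyond.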
http://insecure.org/sploits/non-executable.stack.problems.html
If anyone has time, could you translate it for the benefit of fellow enthusiasts?
Summary
Description: A very interesting paper on defeating non-executable stack patches. It goes through the steps needed to exploit the XServer <LONGDISPLAY> hole in Linux even with a non-execute patch.
Author: Rafal Wojtczuk <[email protected]>
Compromise: root (local)
Vulnerable Systems: This just shows (as Solar Designer is well aware) that in some cases the non-executable stack patch can be subverted via sneaky techniques.
Date: 30 January 1998
Notes: Solar Designer's response is in the addendum.
Details
Date: Fri, 30 Jan 1998 18:09:35 +0100
From: Rafal Wojtczuk <[email protected]>
Subject: Defeating Solar Designer non-executable stack patch
-=[ Defeating Solar Designer's Non-executable Stack Patch ]=-
Text and source code written by Rafal Wojtczuk ( [email protected] )
Section I. Preface
The patch mentioned in the title has been with us for some time. No doubt it
stops attackers from using hackish scripts; it is even included in
just-released Phrack 52 as a means to harden your Linux kernel. However, it
seems to me there exist at least two generic ways to bypass this patch fairly
easily ( I mean its part that deals with executable stack ). I will explain
the details around section V.
Before continuing, I suggest that you refresh your memory of Designer's excellent
article about return-into-libc exploits. You can find it at
http://www.geek-girl.com/bugtraq/1997_3/0281.html
"I recommend that you read the entire message even if you aren't
running Linux since a lot of the things described here are
applicable to other systems as well."
from the afore-mentioned Solar Designer's article
If people are interested, we can discuss this further in more detail.
This is exactly how the iPhone got cracked.