Friday, April 8, 2011

Linux exploit development part 3 - ret2libc

I'm not going to repeat what is already in the paper; this is just a short description of what it contains.

In the previous tutorials our exploits were made on Backtrack 4 R2. Now we are going to make them on Debian Squeeze (latest), because Backtrack does not have DEP enabled by default (PAE-enabled kernel on 32 bits).

In short, DEP (or NX) prevents some stack or heap memory regions from being executed; it also prevents executable memory from being writable. This is very effective against buffer overflows that inject and execute malicious code. (More about NX here)
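To check whether a process actually has the protection described above, you can audit its memory map for regions that are writable and executable at once, or for an executable stack or heap. The following is an added example, not code from the paper; `audit_maps` and the sample map are constructed for illustration and follow the `/proc/<pid>/maps` line format.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not taken from the post).
 * The last line shows the failure case: a stack mapped rwx. */
static const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 08:01 1234 /home/user/vuln\n"
    "08049000-0804a000 rw-p 00000000 08:01 1234 /home/user/vuln\n"
    "0804a000-0806b000 rw-p 00000000 00:00 0 [heap]\n"
    "b7e00000-b7f40000 r-xp 00000000 08:01 5678 /lib/libc.so\n"
    "bffdf000-c0000000 rwxp 00000000 00:00 0 [stack]\n";

/* Returns 1 if the permission field is both writable and executable. */
static int perms_wx(const char *perms) {
    return strlen(perms) >= 3 && perms[1] == 'w' && perms[2] == 'x';
}

/*
 * Scans maps-formatted text. Returns the number of mappings that are
 * writable and executable at once; sets *stack_exec / *heap_exec to 1
 * if the [stack] / [heap] mapping is executable.
 */
int audit_maps(const char *text, int *stack_exec, int *heap_exec) {
    int wx = 0;
    *stack_exec = *heap_exec = 0;
    while (*text) {
        char line[512], perms[8] = "", path[256] = "";
        size_t len = strcspn(text, "\n");
        size_t n = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, text, n);
        line[n] = '\0';
        /* Fields: range perms offset dev inode [path] */
        if (sscanf(line, "%*s %7s %*s %*s %*s %255s", perms, path) >= 1) {
            int x = strlen(perms) >= 3 && perms[2] == 'x';
            wx += perms_wx(perms);
            if (x && strcmp(path, "[stack]") == 0) *stack_exec = 1;
            if (x && strcmp(path, "[heap]") == 0) *heap_exec = 1;
        }
        text += len + (text[len] == '\n');
    }
    return wx;
}

int main(void) {
    int s, h;
    int wx = audit_maps(SAMPLE_MAPS, &s, &h);
    printf("W+X mappings: %d, exec stack: %d, exec heap: %d\n", wx, s, h);
    return 0;
}
```

On a live system, feed the function the contents of `/proc/<pid>/maps` instead of the constructed sample; with NX enforced the stack and heap should show `rw-p` and the W+X count should be zero.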

How to bypass this !? ... -> Linux exploit development part 3 - ret2libc.pdf
