Create an Account
username: password:
 
  MemeStreams Logo

Leaders in Online Information Security Training » Return Oriented Exploitation (ROP)

search

Security Reads
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Security Reads's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Leaders in Online Information Security Training » Return Oriented Exploitation (ROP)
Topic: Miscellaneous 2:35 pm EDT, Apr 14, 2010

For all those who registered to AWE in BlackHat Vegas 2010 – we have special surprise for you… We’ve updated our “Bypassing NX” module with the buzzing ROP exploitation method. We took the PHP 6.0 Dev str_transliterate() 0Day Buffer Overflow Exploit and ported it to a Windows 2008 Server environment, with DEP on AlwaysOn mode. The general idea is to use carefully calculated jumps to function tails present in executable memory in order to align the stack for a WriteProcessMemory call. This call will copy our shellcode to an executable place in memory, and then jump to it. You can check out the exploit here.

Leaders in Online Information Security Training » Return Oriented Exploitation (ROP)



 
 
Powered By Industrial Memetics
RSS2.0