Overflowing Gentoo’s Gcc
From the last post, I found out:
i. jmp %esp is not possible for me.
ii. [buffer] + 4 is also not possible (atm, maybe?)
This small note will talk about how protections like randomized stack allocation in gcc 4.1 can protect buggy code. Just a quick note for myself.
When gcc 3.4 came out, they introduced some new protections into the compiler. The whole idea is to protect vulnerable binaries from being exploited and to make the stack harder to smash. The main idea is: bye bye, script kiddie.
Again, in gcc 4.1, there is something new and also interesting:
* GCC can now emit code for protecting applications from stack-smashing attacks. The protection is realized by buffer overflow detection and reordering of stack variables to avoid pointer corruption.
* Some built-in functions have been fortified to protect them against various buffer overflow (and format string) vulnerabilities. Compared to the mudflap bounds checking feature, the safe builtins have far smaller overhead. This means that programs built using safe builtins should not experience any measurable slowdown.
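A defender-side check for the two features listed above, as an added example that is not part of the original post: it reads a dynamic symbol listing and reports whether the stack protector and the fortified builtins left traces in a binary. The function names and both sample listings are constructed for illustration; `__stack_chk_fail` and the `__*_chk` names are the glibc symbols these protections call, and do not come from the post.

```shell
#!/bin/sh
# Added example (not from the original post). Reads a symbol listing in the
# style of `nm -D --undefined-only <binary>` on stdin and reports which of
# the two GCC 4.1 protections are visible in the imports.

audit_symbols() {
    awk '
        NF == 0 { next }
        {
            sym = $NF
            sub(/@.*/, "", sym)    # drop the glibc version suffix
        }
        # failure handler called when a stack canary check fails
        sym == "__stack_chk_fail" { ssp = 1; next }
        # size-checked variants used by the fortified builtins
        sym ~ /^__[a-z]+_chk$/ { fortified++; next }
        # classic copy routines imported without a size check
        sym ~ /^(strcpy|strcat|sprintf|vsprintf|gets|memcpy)$/ { unchecked++ }
        END {
            printf "ssp=%s fortify=%d unchecked=%d\n", (ssp ? "yes" : "no"), fortified, unchecked
        }
    '
}

# Constructed sample: imports of a build without either protection.
sample_plain() {
cat <<'EOF'
                 U __libc_start_main@GLIBC_2.0
                 U strcpy@GLIBC_2.0
                 U printf@GLIBC_2.0
EOF
}

# Constructed sample: imports of a build with both protections enabled.
sample_hardened() {
cat <<'EOF'
                 U __libc_start_main@GLIBC_2.0
                 U __stack_chk_fail@GLIBC_2.4
                 U __strcpy_chk@GLIBC_2.3.4
                 U __printf_chk@GLIBC_2.3.4
EOF
}

printf 'plain:    %s\n' "$(sample_plain | audit_symbols)"
printf 'hardened: %s\n' "$(sample_hardened | audit_symbols)"
```

On a real binary, pipe `nm -D --undefined-only ./binary` into `audit_symbols`. A fortified build can still import unchecked calls where the compiler could not determine the destination size, so a non-zero `unchecked` count alongside `fortify` is normal and marks the call sites worth reviewing.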
Repost : Old Code
Version 0.1 (Public)
snort 2.4.0 – 2.4.2 Back Orifice Pre-Preprocessor Remote Exploit
by xwings at security dot net dot my
URL : http://www.security.net.my , somebody need to update the page
Saying Hi to ….
. All the 1337 c0d3r @ pulltheplug.org
. Gurus from #rubylang @ freenode.net
. Skywizard @ somewhere right now
. HITBSecConf CREW and Team Panda
03:07 < @mark> hey xwings
03:07 < @mark> why don’t you come up and see me sometime?
Tested on :
Linux debian24 2.4.27-2-386 #1 Mon May 16 16:47:51 JST 2005 i686 GNU/Linux
gcc version 3.3.5 (Debian 1:3.3.5-13)
Snort 2.4.2 , ./configure && make && make install
Use Ruby : http://www.ruby-lang.org