Dailydave mailing list archives
Re: Nitin Kumar & Vipin Kumar: "please remember to givenecessary credit to the authors" PKB.
From: "Dave Korn" <dave.korn () artimi com>
Date: Fri, 27 Apr 2007 14:49:21 +0100
On 26 April 2007 22:23, Dave Korn wrote:
I will concede that they've done at least some genuine work in reversing the integrity checks in the loader, but that's fairly routine stuff; bypassing a check by altering the test in a branch instruction is pretty trivial, it's about on the level of finding an infinite lives poke in a computer game.
Now I see this coming back at me on the list, it occurs to me to mention a *far* more relevant comparison: it's exactly what Hoglund showed in his earliest work about hot-patching a one-byte bypass into SeAccessCheck. That was back in NT3.51 days, 1995 or so IIRC. cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Dave Korn (Apr 26)
- Message not available
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Dave Korn (Apr 27)
- Re: Nitin Kumar & Vipin Kumar: "please remember to givenecessary credit to the authors" PKB. Dave Korn (Apr 27)
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Dave Korn (Apr 27)
- Message not available
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Jeff Moore (Apr 27)
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Joanna Rutkowska (Apr 27)
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. Michal Zalewski (Apr 27)
- Re: Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB. dailydave (Apr 27)