Dailydave mailing list archives

Re: Exploits matter.

From: Aaron <apconole () yahoo com>
Date: Thu, 8 Oct 2009 10:19:12 -0700 (PDT)

Under linux, it's as easy as setting your "personality" to SYSVR4, mmap'ing the 0th address, and filling it with your 
code.
That's for local exploit anyway. I'm not sure about remotely exploiting a NULL dereference, or about non-linux systems 
(read: it may be possible, but I just don't know for sure one way or the other).




________________________________
From: Ilfak Guilfanov <ig () hexblog com>
To: Steve Shockley <steve.shockley () shockley net>
Cc: dailydave () lists immunitysec com
Sent: Thu, October 8, 2009 4:47:19 AM
Subject: Re: [Dailydave] Exploits matter.


Sorry for my ignorance, are NULL pointer dereference bugs exploitable today?

Steve Shockley said the following on 7/10/2009 15:56:

On 10/6/2009 10:12 AM, dave wrote:

But if you are like me, you are thinking "But it's still worth it". And
here's why: Without exploits, you have no way to know what matters. Or,
more realistically, what doesn't matter. I.E. in this case, 64 bit
computers are not going to be exploited with SMBv2 any time soon, of at
all. Since enterprises skipped Vista and use 64 bit for their Windows
2008 servers, SMBv2 didn't hurt as badly as you would expect.


Doesn't that just mean that *you* can't exploit it right now?  Not 
trying to insult your haxxor skillz, but a few years ago you couldn't 
get a virus via email or Word, and null pointer dereference bugs could 
never be exploited.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave



-- 
Best regards,
  Ilfak                            mailto:ig () hexblog com
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Re: Exploits matter., (continued)
- - - Message not available
    - Re: Exploits matter. security curmudgeon (Oct 08)
    - Message not available
    - Re: Exploits matter. security curmudgeon (Oct 08)
    - Re: Exploits matter. Tom Parker (Oct 08)
    - Re: Exploits matter. alexm (Oct 08)
    - Re: Exploits matter. vincent hinderer (Oct 08)
    - Re: Exploits matter. security curmudgeon (Oct 08)
- Re: Exploits matter. Steve Shockley (Oct 07)
  - Re: Exploits matter. Ilfak Guilfanov (Oct 08)
    - Re: Exploits matter. Alexander Sotirov (Oct 08)
    - Re: Exploits matter. Jesse Gough (Oct 08)
    - Re: Exploits matter. Aaron (Oct 08)