Vulnerability Development mailing list archives

Re: Exploiting Buffer Overflows on Compaq Tru64 and No-Exec Stack


From: dev-null () no-id com
Date: 16 May 2002 19:14:35 -0000

Remember that by controlling the instruction pointer, you can jump to anywhere in the program's code.  So take a look 
around.  Maybe there already exists legitimate code in the text segment to spawn a shell.  Or maybe you can jump past 
some authentication logic right into a convenient place you want to be.

All this is highly dependent on the program you're exploiting, but it will work regardless of an exec/no exec stack.

--
This message has been sent via an anonymous mail relay at www.no-id.com.

