Vulnerability Development mailing list archives
RE: Thwarting /bin/bash, an anti-overflow concept ?
From: "Altheide, Cory B." <AltheideC () nv doe gov>
Date: Wed, 7 Jan 2004 08:56:37 -0800
-----Original Message----- From: Alex Schütz [mailto:antitrack_legend () chello at] Sent: Wednesday, January 07, 2004 4:40 AM To: vuln-dev Subject: Thwarting /bin/bash, an anti-overflow concept ? Dear Vuln-Dev's, Recently I had a simple idea about preventing hack attacks. Most buffer overflows are pretty happy calling /bin/bash as a final means to get an unauthorized root shell.
...
Thinking this farther, we are going to force the exploit developer to bring along his own binary code of /bin/bash. This may not be possible in every case, since the buffer overflow cannot hold so much data.
I think you are mistakenly stuck on bash. One could easily embed something like Tiny shell: http://linux.tucows.com/preview/306138.html (or similar) into the exploit post-overflow and achieve the same effect. Please don't be angered or offended if I've overlooked something in your post. ;) Thanks! Cory Altheide Senior Network Forensics Specialist NNSA Information Assurance Response Center (IARC) altheidec () nv doe gov
Current thread:
- RE: Thwarting /bin/bash, an anti-overflow concept ? Altheide, Cory B. (Jan 07)
- <Possible follow-ups>
- Re: Thwarting /bin/bash, an anti-overflow concept ? Vlad Tsyrklevich (Jan 10)