|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Overwriting ELF .dtors section to modify program execution
From: Brock Tellier (btellier
USA.NET)Date: Wed Dec 13 2000 - 15:07:36 CST
- Next message: BAILLEUX Christophe: "Potential Buffer Overflow vulnerability in bftpd-1.0.13"
- Previous message: secureCONECTIVA.COM.BR: "[CLA-2000:358] Conectiva Linux Security Announcement - pam"
- Maybe in reply to: Guido Bakker: "Overwriting ELF .dtors section to modify program execution"
- Next in thread: Mariusz Woloszyn: "Re: Overwriting ELF .dtors section to modify program execution"
- Maybe reply: Brock Tellier: "Re: Overwriting ELF .dtors section to modify program execution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
One real-world example of this technique in action is in my old xsoldier
FreeBSD ports collection exploit, though I made no reference to the fact that
it was a .dtors overwrite in the advisory. It can be found at
www.technotronic.com/xnec/xsoldier.txt.
-brock
Guido Bakker <guidobSYNNERGY.NET> wrote:
>
> Overwriting the .dtors section.
>
> by Juan M. Bello Rivas <rwxrwxrwxsynnergy.net>
____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
- Next message: BAILLEUX Christophe: "Potential Buffer Overflow vulnerability in bftpd-1.0.13"
- Previous message: secureCONECTIVA.COM.BR: "[CLA-2000:358] Conectiva Linux Security Announcement - pam"
- Maybe in reply to: Guido Bakker: "Overwriting ELF .dtors section to modify program execution"
- Next in thread: Mariusz Woloszyn: "Re: Overwriting ELF .dtors section to modify program execution"
- Maybe reply: Brock Tellier: "Re: Overwriting ELF .dtors section to modify program execution"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]