|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alexander Sotirov (asotirov
determina.com)
Date: Fri Mar 30 2007 - 13:55:50 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Heap Feng Shui is the ancient art of arranging heap blocks in order to redirect
the program control flow to the shellcode. I just published the slides from my
BlackHat Europe presentation about a JavaScript implementation of this technique.
http://www.determina.com/security.research/presentations/
This work is an evolution of the heap spraying technique, but it allows precise
application data overwrites and reliable browser exploitation. It will be of
great interest to everybody working on client side exploitation.
The materials include slides, a paper and source code of a JavaScript heap
manipulation library.
Take care,
Alex
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]