From: Minchu Mo (morris_minchu iwon.com)
Date: Thu Oct 25 2001 - 09:02:51 CDT
Mailer: SecurityFocus
I am testing a remote buffer overflow exploit on a
sparcV9/solaris7 machine. The buffer overflow
happens on the stack but jumps to the hacking code, which resides
in the heap. The hacking code is borrowed from the lsp-pl
site (findsock and shellcode).
When I traced the vulnerable server using adb, I could
see that control was transferred into the hacking code,
which spawned a shell and then failed with a code dump
after the shell was spawned. But if I let the server run freely
without control from adb, the server seems to be immune
to the attack and continues running.
My questions are:
1. Why does the server behave differently in adb and in
real time?
2. Whether the heap allows code to be executed from
the heap.
3. Or whether something else prevents the overflow from happening.