RE: Thwarting /bin/bash, an anti-overflow concept ?

From: Altheide, Cory B. (AltheideCnv.doe.gov)
Date: Wed Jan 07 2004 - 10:56:37 CST


> -----Original Message-----
> From: Alex Schütz [mailto:antitrack_legendchello.at]
> Sent: Wednesday, January 07, 2004 4:40 AM
> To: vuln-dev
> Subject: Thwarting /bin/bash, an anti-overflow concept ?
>
>
>
> Dear Vuln-Dev's,
>
> Recently I had a simple idea about preventing hack attacks. Most buffer
> overflows are pretty happy calling /bin/bash as a final means to get an
> unauthorized root shell.
 
...

> Thinking this farther, we are going to force the exploit developer to bring
> along his own binary code of /bin/bash. This may not be possible in every
> case, since the buffer overflow cannot hold so much data.
>

I think you are mistakenly stuck on bash.

One could easily embed something like Tiny shell:
http://linux.tucows.com/preview/306138.html (or similar) into the exploit
post-overflow and achieve the same effect.

Please don't be angered or offended if I've overlooked something in your
post. ;)

Thanks!

Cory Altheide
Senior Network Forensics Specialist
NNSA Information Assurance Response Center (IARC)
altheidecnv.doe.gov