Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: "Moving" Stack: my poor return address!
From: Andrea Purificato - bunker (bunkerfastwebnet.it)
Date: Tue Aug 01 2006 - 18:18:11 CDT
Alle 04:03, marted́ 1 agosto 2006, Jack C ha scritto:
> I'm running on Fedora 5. Is this a security thing that's new in the past
> 2 years or so since I've coded one of these? Is there any way I can
> either (1) make the stack sit still so I can point into it or (2) find
> out where it is during execution?
in 2.6 kernel there is a new "feature" about pseudo stack randomization
through virtual addresses in memory.
Try to search on google "stack randomization" and similar and you get a lot of
useful information. There are different technics to bypass this security
feature, try to play with these:
Andrea "bunker" Purificato