Can This Type of Windows ASLR Exploit Defeat PaX?

PostPosted: Thu Feb 04, 2010 1:14 pm
by ShellCode
http://www.theregister.co.uk/2010/02/03 ... on_bypass/

Read about it there. Basically a JIT-spraying attack on Flash. Is this sort of thing doable against the Linux implementation of ASLR (whether it be PaX or not)?

Re: Can This Type of Windows ASLR Exploit Defeat PaX?

PostPosted: Thu Feb 04, 2010 8:13 pm
by PaX Team
ShellCode wrote: http://www.theregister.co.uk/2010/02/03/microsoft_windows_protection_bypass/

Read about it there. Basically a JIT-spraying attack on Flash. Is this sort of thing doable against the Linux implementation of ASLR (whether it be PaX or not)?
of course it is, why wouldn't it be? also the whole 'new' attack is anything but, it's what you get when you allow a process to generate code at runtime, it may very well generate shellcode then. what one can do about it is to prevent the control flow transfer into it, but that requires some toolchain and JIT engine work.
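A defender-side check that follows from the reply above (an added example, not code from either poster or from PaX): the precondition for a process generating attacker-controlled code at runtime is memory that is mapped both writable and executable, which is what PaX's MPROTECT feature refuses to grant. The C snippet below parses lines in /proc/<pid>/maps format and counts W+X regions; the SAMPLE_MAPS table is constructed here, and the function names are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if one /proc/<pid>/maps line has both 'w' and 'x' in its
 * permission field, i.e. memory the process can write and then execute. */
int line_is_wx(const char *line) {
    char range[64], perms[8];
    if (sscanf(line, "%63s %7s", range, perms) != 2) return 0;
    return strchr(perms, 'w') != NULL && strchr(perms, 'x') != NULL;
}

/* Count W+X entries in a whole maps table held in memory (one entry per line). */
int count_wx_mappings(const char *maps) {
    int count = 0;
    while (*maps) {
        count += line_is_wx(maps);          /* sscanf stops at the first two tokens */
        const char *nl = strchr(maps, '\n');
        if (!nl) break;
        maps = nl + 1;
    }
    return count;
}

/* Constructed sample in /proc/self/maps format (not captured from a real
 * process): r-x text, rw- data, one rwx JIT-style region, rw- stack. */
static const char SAMPLE_MAPS[] =
    "00400000-00452000 r-xp 00000000 08:01 1234 /usr/bin/example\n"
    "00651000-00652000 rw-p 00051000 08:01 1234 /usr/bin/example\n"
    "7f3a4c000000-7f3a4c021000 rwxp 00000000 00:00 0\n"
    "7ffd1e2a0000-7ffd1e2c1000 rw-p 00000000 00:00 0 [stack]\n";

/* Scan the calling process's own map table; -1 if procfs is unavailable. */
int count_wx_in_self(void) {
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    char line[512];
    int count = 0;
    while (fgets(line, sizeof line, f))
        count += line_is_wx(line);
    fclose(f);
    return count;
}

int main(void) {
    printf("constructed sample: %d W+X mapping(s)\n", count_wx_mappings(SAMPLE_MAPS));
    int self = count_wx_in_self();
    if (self >= 0) printf("this process: %d W+X mapping(s)\n", self);
    return 0;
}
```

Under a PaX kernel with MPROTECT enabled for the binary, the self-scan should report zero W+X mappings; a nonzero count on a JIT-hosting process marks the region the reply warns about.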