Create an Account
username: password:
 
  MemeStreams Logo

Harmony Security : Blog

search

Security Reads
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Security Reads's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Harmony Security : Blog
Topic: Miscellaneous 1:39 pm EDT, Apr 12, 2010

Monday 12 April 2010 - A little return oriented exploitation on Windows x86 (Part 1)

Overview
This post will take a look at how Return Oriented Programming (ROP) can be used on x86 Windows in order to bypass DEP and gain arbitrary code execution. The example I will use is from an exploit I wrote last year for a stack based buffer overflow I found in the Sun Java Virtual Machine which was recently patched and disclosed by TippingPoint's ZDI. (ZDI-10-061). Part 2 of this blog post will look at an experimental compiler convention that aims to mitigate return oriented attacks such as the one presented here.

Harmony Security : Blog



 
 
Powered By Industrial Memetics
RSS2.0