On Wed, Jul 10, 2013 at 10:57 AM, kaveh ghaemmaghami < kavehghaemmagh...@googlemail.com> wrote:
> 1.The crash you showed does not control eip > (its not a stack-based bof) > And? You still need to control EIP or the exploit doesn't, you know, actually work. :P > 2.not even arbitrary memory > (check further instructions) > You posted only one instruction and it's a read operation, proving nothing. You're either lazy or don't actually get what's going on. -- “There's a reason we separate military and the police: one fights the enemy of the state, the other serves and protects the people. When the military becomes both, then the enemies of the state tend to become the people.”
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/