Anyone tried setting the HKLM\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management\MoveImages key (which, by default, does not
exist) so as to mandate ASLR coverage (value of -1 to mandate coverage on
all PEs)? Anyone had success (or big
I decided to poke around on my friend’s Fedora Core 6 system the other day and
examine the exec-shield and ASLR mechanisms. So far the combination of
exec-shield and library addresses having their most significant bit set to 0x00
has blocked me from developing useful exploitation techniques agai
Dear c0ntex,
--Friday, May 26, 2006, 11:12:41 AM, you wrote to [EMAIL PROTECTED]:
c> Since ASLR has been in and has been trivially circumvented in Linux
c> for years now (see my papers on return-to-libc & return-to-got) I
c> don't see it being a particularly hard issue to defeat :-) Maybe
c>
So is this a paid Microsoft advertisement?
On Fri, 26 May 2006 13:22:49 +1000 David Litchfield
<[EMAIL PROTECTED]> wrote:
>Address Space Layout Randomization is now part of Vista as of beta
>2 [1]. I
>wrote about ASLR on the Windows platform back in September last
>year [2] and
>noted that u
On 26/05/06, David Litchfield <[EMAIL PROTECTED]> wrote:
Address Space Layout Randomization is now part of Vista as of beta 2 [1]. I
wrote about ASLR on the Windows platform back in September last year [2] and
noted that unless you rebase the image exe then little (not none!) is added.
ASLR in V
Address Space Layout Randomization is now part of Vista as of beta 2 [1]. I
wrote about ASLR on the Windows platform back in September last year [2] and
noted that unless you rebase the image exe then little (not none!) is added.
ASLR in Vista solves this so remote exploitation of overflows has