| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | Format String Vulnerabilities |
| From: | "Mike Gibson" <micheal.gibson@gmail.com> |
| Date: | Fri, 18 May 2007 14:22:05 -0400 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=b/IYjvHi42FCaPQ+XYfrsXsmTjgKRs7mfghNp6+oGGWs3XOALvnBCiqRpQh7UdR4qW5R2Ln+I1AXS/l6ZEUjVA1k1t3yUKQMBvreTCCR5tQWn8Jd7zHV5GKIkAP0IcbwsTER9Bp+dLLB4a+Q+fU9auPIj8dkzi2U+XfVYb589Fc= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=XnGr8fa/w7E4t6YQxHb7xn2oxcAz8xfNHRv1dMm7Dv8ihWkgQ92qxeQ/1FUKnmKxt5YmUHi/zqMBwlOehzGRUAAHI/FiS3NVhGZJeYlH4yaAp20di1Q+rcxEaobw5zpZE3SZLbc3V1JyrCFgv2vYxSawSdq6CmiTpGk63WojLvI= |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Resent-date: | Fri, 18 May 2007 12:26:22 -0600 (MDT) |
| Resent-from: | pen-test-return-1078484167@securityfocus.com |
| Resent-message-id: | <20070518182622.07ADF238ABD@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
Hello, I have a custom application that I am using to learn a little more about format string vulnerabilities. It is basically an echo server. I have been able to exploit the vulnerability and write data to memory on the server however the problem I am seeing is that I want to overwrite EIP but every time the application runs the stack seems to be at a different location. Does anyone know if Red Hat 9 has any form of stack protection? If so is there a way to disable it? Mike ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Re: Sneaking a peek on Wlan in airports, killy |
|---|---|
| Next by Date: | Re: Sneaking a peek on Wlan in airports, Thor (Hammer of God) |
| Previous by Thread: | Legality of WEP Cracking, Richard Brinson |
| Next by Thread: | Re: Format String Vulnerabilities, Pranay Kanwar |
| Indexes: | [Date] [Thread] [Top] [All Lists] |