[framework] linux 2.6 stack randomization
tim-pentest at sentinelchicken.org
Sat Dec 17 09:08:05 PST 2005
This is kinda off-topic, but if you know of any links to point me to,
I'd appreciate it.
> although on Linux you tend to lose portability quickly for certain types
> of regions, like text segments. There have been papers outling how to
> take advantage of the new vsyscall mapping for exploitation, so that
I noticed Fedora Core 4, and possibly earlier versions, have a libc set
up where most/all addresses contain a NULL byte in them. In this
situation, is there any easy way to get return-into-libc exploits to
work? Doesn't seem possible, since things like sprintf() can't even be
called with arguments...
More information about the framework