Getting passwords from the heap?

From: Jason Spence (thalakanat_private)
Date: Mon Jun 25 2001 - 13:21:08 PDT

Next message: Alexander Sarras (SEA): "RE: Valid characters on one o/s are invalid on another"

Previous message: Kayne Ian (Softlab): "Valid characters on one o/s are invalid on another"
Next in thread: Felix von Leitner: "Re: Getting passwords from the heap?"
Reply: Felix von Leitner: "Re: Getting passwords from the heap?"
Reply: H D Moore: "Re: Getting passwords from the heap?"
Reply: Michael Wojcik: "RE: Getting passwords from the heap?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi -

I was trying to explain to someone why it's important to do a
memset(3) on newly allocated memory by firing up gdb and doing
hexdumps of raw uninitialized memory, when I noticed there was what
looked like privileged information in the hexdump!  

I don't know very much about the specifics of how malloc works, but is
this a valid method of trying to get privileged information from an
unprivilieged account?  For example, does memory that root allocates
then deallocates become available to user processes via malloc(3)?

I'm going to research this some more and put together a report with
the feedback I get if it turns out that this is a valid method of
attacking a system from a non-root account.

-- 
 - Jason

MOUNT TAPE U1439 ON B3, NO RING

Next message: Alexander Sarras (SEA): "RE: Valid characters on one o/s are invalid on another"
Previous message: Kayne Ian (Softlab): "Valid characters on one o/s are invalid on another"
Next in thread: Felix von Leitner: "Re: Getting passwords from the heap?"
Reply: Felix von Leitner: "Re: Getting passwords from the heap?"
Reply: H D Moore: "Re: Getting passwords from the heap?"
Reply: Michael Wojcik: "RE: Getting passwords from the heap?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 08:44:41 PDT