--- Hung Vu <hungvuat_private> wrote:

> - Dtors
> - _atexit stuff

How do you plan to overwrite these?

> Where else?

IMHO, you should take the problem in a more systematic way, i.e. you can overwrite:

1) any pointer to the code
2) code itself
3) or any function that generates the code (using a technique from points 1 or 2)

(3) could mean "just in time compilers" or interpreters, and I am not sure these would be worth the cost. Dynamic loader hijack is also in this category.

(1) C function pointers, return address on stack, method / class pointer (if this makes sense)...

(2) code segment (if they can be written), code on stack (e.g. glibc & the GCC trampolines...) or in data segment (some dynamic loaders use this)

Just my 0.02$
This archive was generated by hypermail 2b30 : Sun Nov 18 2001 - 09:19:07 PST