Re: Is GOT exploitable in solaris?

From: KF (dotslashat_private)
Date: Tue Dec 25 2001 - 10:51:03 PST


    On the same note, ANY papers with specifics on Big Endian format string 
    exploitation are something I have longed for for some time now... I am 
    working on an MPC750 PowerPC processor. Please post links!
    -KF
    
    
    Minchu Mo wrote:
    
    > 
    > An entry of the Global Offset Table in Linux is a pointer to a 
    > piece of executable code (say printf), so overwriting the 
    > pointer will force the process to run your shellcode or 
    > whatever..
    > 
    > Maybe a mistake/illusion after too much beer, but I found 
    > the Solaris implementation of a GOT entry is actually not a 
    > pointer, but the starting point of 3 instructions which 
    > finally jump to, say, the printf executable code. So 
    > overwriting the entry with your shellcode address 
    > simply corrupts these instructions but does not control the 
    > process.
    > 
    > Has anybody successfully exploited a GOT entry in Solaris?
    > 
    > Or another way of asking: Is GOT/PLT implemented 
    > differently in Linux/Solaris?
    > 
    > 
    > 
    


