> > I'm a bit surprised to see this technique is known... I called this > > technique shared library interception and first implemented it > > this January. HAL2001, Halvar Flake, a packed (and I do mean packed) auditorium. Auditing source code and binaries. The library interception came up, it's not exactly a new technique. Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/
This archive was generated by hypermail 2b30 : Wed Mar 27 2002 - 13:55:47 PST