In-Reply-To: <000101c34eaa$ecf34a80$0101a8c0@gfserver>

Hi Thomas

There is no need for a tool like IDA Pro when you've got source code available under your Visual C++ 7.0 CRT\SRC directory. The security check is enabled by adding the /GS option to the compiler's command line.

These two links will explain Microsoft's stack smashing protection:

http://std.dkuug.dk/JTC1/SC22/WG21/docs/papers/2003/n1462.pdf
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dv_vstechart/html/vctchCompilerSecurityChecksInDepth.asp

Regards,
Mark Feldman <mkfeldmanat_private>

>From: "Andrew Thomas" <andrewat_private>
>To: <vuln-devat_private>
>Subject: Anyone looked at the canary stack protection in Win2k3?
>Date: Sun, 20 Jul 2003 12:37:03 +0200
>
>I've looked a bit at a single disassembly that I got
>(IDA Pro) of the package. It's quite cute that MS have
>started creating a 'fix' to reduce the probability
>of programmatic errors in their code having as great
>an impact as they could.
>
>Any comments on their canary generator? It seems to
>generate enough randomness, with use of:
>GetSystemTimeAsFileTime
>GetCurrentProcessId
>GetCurrentThreadId
>GetTickCount
>QueryPerformanceCounter
>
>all nicely xor'ed together. But then again, I am not
>an expert in these matters.
>
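
Added example, not part of either message and not Microsoft's CRT source: a portable C model of the scheme the thread describes, XOR-ing the five named sources into a cookie and comparing a frame's copy of it before return. The struct layout, the folding of 64-bit values into 32 bits, the function names and all sample values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for readings from the five API calls in the thread. */
struct cookie_sources {
    uint64_t system_time;   /* GetSystemTimeAsFileTime */
    uint32_t process_id;    /* GetCurrentProcessId */
    uint32_t thread_id;     /* GetCurrentThreadId */
    uint32_t tick_count;    /* GetTickCount */
    uint64_t perf_counter;  /* QueryPerformanceCounter */
};

/* XOR all sources together; 64-bit values are folded in halves (assumption). */
uint32_t mix_cookie(const struct cookie_sources *s)
{
    uint32_t c = (uint32_t)s->system_time ^ (uint32_t)(s->system_time >> 32);
    c ^= s->process_id ^ s->thread_id ^ s->tick_count;
    c ^= (uint32_t)s->perf_counter ^ (uint32_t)(s->perf_counter >> 32);
    return c;
}

/* Model frame: the cookie sits between the local buffer and the saved return
   address, so a linear overrun of buf reaches the cookie first. */
struct frame {
    char     buf[16];
    uint32_t cookie;
    uint32_t saved_return;
};

/* Returns 1 if the cookie is intact after copying n bytes into the frame,
   0 if the epilogue comparison would flag the frame as corrupted. */
int copy_and_check(uint32_t process_cookie, const char *src, size_t n)
{
    struct frame f;
    f.cookie = process_cookie;           /* prologue stores the cookie */
    f.saved_return = 0x00401000u;        /* constructed placeholder */
    if (n > sizeof f) n = sizeof f;      /* keep the model itself in bounds */
    memcpy(&f, src, n);                  /* length is not checked against buf */
    return f.cookie == process_cookie;   /* epilogue comparison */
}

int main(void)
{
    struct cookie_sources s = {0x0000000100000002ULL, 0x10, 0x20, 0x40, 0x100ULL};
    char in[20];
    memset(in, 'A', sizeof in);
    printf("cookie=%08x in-bounds=%d overrun=%d\n", (unsigned)mix_cookie(&s),
           copy_and_check(mix_cookie(&s), in, 16), copy_and_check(mix_cookie(&s), in, 20));
    return 0;
}
```

The comparison only catches an overrun whose bytes differ from the cookie, which is why the unpredictability of the mixed value is what the check rests on.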
This archive was generated by hypermail 2b30 : Wed Aug 06 2003 - 09:40:54 PDT