Remote Exploit test fail
From: Minchu Mo (morris_minchu@iwon.com)Date: 10/25/01
- Previous message: Alex Noordergraaf: "Re: Security for SUN-Cluster 3.0/2.2 with OPS (8.1.7)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 25 Oct 2001 14:02:51 -0000 Message-ID: <20011025140251.6743.qmail@mail.securityfoucs.com> From: Minchu Mo <morris_minchu@iwon.com> To: focus-sun@securityfocus.com Subject: Remote Exploit test fail('binary' encoding is not supported, stored as-is) Mailer: SecurityFocus
I am testing a remote buffer overflow exploit on
sparcV9/solaris7 machine. The buffer overflow
happen in stack but jump to the hacking code resides
in heap. The hacking code is borrowed from lsp-pl
site ( findsock and shellcode).
When I traced the vulnerable server using adb, I can
see the control was transfered into the hacking code,
and spawn a shell and then failed with code dump
after shell spawning. But if I let the server run freely
without control from adb, the server seem to immune
to the attack and continue running.
My question is:
1.why the server behavior differently in adb and
realtime.
2. Whether the heap allow the code be executed from
heap.
3. Or some other things prevent overflow happen
- Previous message: Alex Noordergraaf: "Re: Security for SUN-Cluster 3.0/2.2 with OPS (8.1.7)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
