ASLR bypass

ASLR bypass

Embodiments bypass Address Space Layout Randomization (ASLR) executed on a web server that implements a web function. Embodiments, from a client remote from the web server, construct a stack layout of the web function. Embodiments identify memory locations of the stack layout that are writable and r...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Ganesan, Dharmalingam, Clifton, David M
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FORADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORYOR FORECASTING PURPOSES
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE,COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTINGPURPOSES, NOT OTHERWISE PROVIDED FOR
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Embodiments bypass Address Space Layout Randomization (ASLR) executed on a web server that implements a web function. Embodiments, from a client remote from the web server, construct a stack layout of the web function. Embodiments identify memory locations of the stack layout that are writable and read a currently stored library instruction address of a library at the identified memory locations. Embodiments then iteratively increment the currently stored library instruction address by one and overwriting the identified memory locations until a remote shell is successfully spawned or another malicious instruction is executed.