[18071] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Overwriting ELF .dtors section to modify program execution

daemon@ATHENA.MIT.EDU (Brock Tellier)
Thu Dec 14 14:47:48 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Message-ID:  <20001213210736.4420.qmail@nwcst288.netaddress.usa.net>
Date:         Wed, 13 Dec 2000 16:07:36 EST
Reply-To: Brock Tellier <btellier@USA.NET>
From: Brock Tellier <btellier@USA.NET>
X-To:         guidob@synnergy.net
To: BUGTRAQ@SECURITYFOCUS.COM
Content-Transfer-Encoding: 8bit

One real-world example of this technique in action is in my old xsoldier
FreeBSD ports collection exploit, though I made no reference to the fact that
it was a .dtors overwrite in the advisory.  It can be found at
www.technotronic.com/xnec/xsoldier.txt.

-brock

Guido Bakker <guidob@SYNNERGY.NET> wrote:
> 
>                         Overwriting the .dtors section.
> 
>                 by Juan M. Bello Rivas <rwxrwxrwx@synnergy.net>


____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[18071] in bugtraq

Re: Overwriting ELF .dtors section to modify program execution

daemon@ATHENA.MIT.EDU (Brock Tellier)Thu Dec 14 14:47:48 2000

daemon@ATHENA.MIT.EDU (Brock Tellier)
Thu Dec 14 14:47:48 2000