Results 1 to 5 of 5

Thread: Are the days of exploits over?

  1. #1
    penguin_to_bits
    Guest

    Default Are the days of exploits over?

    I've heard that a few OS's have this thing whereby they label a certain piece of memory either as "executable" or "not executable". If you try to do a stack overflow exploit on one of these machines, the kernel will kill the process as soon as you try to treat data memory as if it were executable.

    What other kinds of exploits (if any) are still viable?

  2. #2
    Junior Member tek911's Avatar
    Join Date
    Jan 2010
    Posts
    59

    Default days of exploits over?

    Ever since those cave dwellers figured out fire we can't sneak in their caves at night and steal their women anymore....

    Ever since those damn chinese built this wall we cant come in and rape and pillage any more....

    Ever since those damn banks built those big steel safes we cant rob all their money any more....

    Life is full of bigger better mouse traps. The single common element is the human element. As long as we got people there will be holes. As long as there are holes there will be exploits. Be the guy developing exploits for these memory tagging systems. Hell just about every "new sec" tech i've seen has been cracked or at least beat on pretty bad.

    Had to edit my last line....that is with the exception of selinux j/k

  3. #3
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Please correct me if I'm wrong but doesn't XP have a form of memory security although older and very weak?

    I recently saw muts has a few 0 day's for vista...

    Exploits aren't going out of style anytime soon. It just may require a little more brain to know how to implement them in the future.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by tek911 View Post

    Life is full of bigger better mouse traps. The single common element is the human element. As long as we got people there will be holes. As long as there are holes there will be exploits. Be the guy developing exploits for these memory tagging systems.
    Probably about as good as an explanation will get in regards to exploits.
    They will most likely always be around in some form or another.
    Every time the technology (hardware or software) changes there will be new bugs to be discovered and exploited.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Though NX (No Execute) and other memory protection schemes add another layer of protection (which is good from a defense in depth perspective) there are already known and demonstrated attacks/bypasses.

    Practice some google'fu and you'll see what I mean. Here's one example: http://www.techweb.com/wire/security/166403451
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •