I just blogged about a security tool that deploys a shell extension DLL, which is not compiled with the dynamic base flag, e.g. that doesn't support ASLR.
Hence this DLL can be used to find ROP gadgets.
The tool, which I didn't name in my blogpost, is SpyShelter. The DLL is SpyShelterShellExt.dll.
Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Security Tool Deploys Shell Extension Dll Without Aslr
Started by
DidierStevens
, Jan 17 2011 01:50 AM
2 replies to this topic
#1
DidierStevens
-
- Sergeant Major
-
- 100 posts
Specialist
#2
webdevil
-
- Sergeant Major
-
- 1,195 posts
Retired GSO General
Posted 18 January 2011 - 02:12 AM
I see irony but seriously, does anyone even use this product?
#3
DidierStevens
-
- Sergeant Major
-
- 100 posts
Specialist
Posted 20 January 2011 - 01:01 PM
Irony is good. ;-)
7-zip has the same problem. I should check WinZip too. That's popular.
7-zip has the same problem. I should check WinZip too. That's popular.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
