| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jarlin at ifrance.com (Jarlin)
Subject: Execution Flow Control (EFC)
>
> PROS AND CONS OF EFC.
>
> 1. Can protect against known or unknown vulnerabilities.
>
> Ok, with that in mind, lets see how well it stands up to "unknown"
> attacks...
>
> I'm not one to judge product quality based (partially or otherwise) on
> past or current programming mistakes, but if I was, I'd say that
> something like:
>
> for(i=0;arg[i]; i++) {
> if ((strncmp(arg[i], "/etc/shadow",11) == 0) ||
> (strncmp(arg[i], "shadow",6) == 0)) {
> write(1,"arg cannot be shadow\n", 21);
> return 0;
> }
> }
>
> is a pretty poor way of making sure people don't play with your shadow
> file. There are many possibilities here, but the bottom line is that
> the webserver had a poorly written CGI application and EFC didn't seem
> to do much in the way of stopping someone from exploiting it and
> stealing the shadow file.
just what I have done , do a "more /etc/shadoz~" in the webshell.cgi ...
>
> fwiw,
>
> -jon
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> _____________________________________________________________________
> Envie de discuter en "live" avec vos amis ? T?l?charger MSN Messenger
> http://www.ifrance.com/_reloc/m la 1?re messagerie instantan?e de France
>
--
Jarlin l'enchanteur
_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? T?l?charger MSN Messenger
http://www.ifrance.com/_reloc/m la 1?re messagerie instantan?e de France
Powered by blists - more mailing lists