lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri May 26 08:12:52 2006
From: c0ntexb at gmail.com (c0ntex)
Subject: ASLR now built into Vista

On 26/05/06, David Litchfield <davidl@...software.com> wrote:
> Address Space Layout Randomization is now part of Vista as of beta 2 [1] . I
> wrote about ASLR on the Windows platform back in September last year [2] and
> noted that unless you rebase the image exe then little (not none!) is added.
> ASLR in Vista solves this so remote exploitation of overflows has just got a
> lot harder. I've not done a thorough analysis yet but, all going well, this
> is a fantastic way for Microsoft to go and builds on the work done with
> NX/DEP and stack cookies/canaries.

Since ASLR has been in and has been trivially circumvented in Linux
for years now (see my papers on return-to-libc & return-to-got) I
don't see it being a particularly hard issue to defeat :-)  Maybe
though, if they also randomise some other key areas like heap
locations and do some fancy relocation to non writable/executable
pages plus the drop-in of some ascii armour, we might then be on par
with a hardened Linux or *BSD..

Granted, I haven't looked at Vista yet :)

-- 

regards
c0ntex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ