[Dailydave] Nitin Kumar & Vipin Kumar: "please remember to give necessary credit to the authors" PKB.
Dave Korn
dave.korn at artimi.com
Fri Apr 27 09:49:21 EDT 2007
On 26 April 2007 22:23, Dave Korn wrote:
> I will concede that they've done at least some genuine work in reversing
> the integrity checks in the loader, but that's fairly routine stuff;
> bypassing a check by altering the test in a branch instruction is pretty
> trivial, it's about on the level of finding an infinite lives poke in a
> computer game.
Now I see this coming back at me on the list, it occurs to me to mention a
*far* more relevant comparison: it's exactly what Hoglund showed in his
earliest work about hot-patching a one-byte bypass into SeAccessCheck. That
was back in NT3.51 days, 1995 or so IIRC.
cheers,
DaveK
--
Can't think of a witty .sigline today....