[Dailydave] New embedded attack class
Dragos Ruiu
dr at kyx.net
Sat May 5 20:12:52 EDT 2007
On Saturday 05 May 2007 02:53, assault at hush.com wrote:
> i cant seem 2 find a references section in your paper that links to
> previous work in the subject. is this an intended rip-off or are
> you simply another amateur? otoh:
>
> http://lists.immunitysec.com/pipermail/dailydave/2007-March/004136.html
> http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf
You can find some of the references in Barnaby's previous
presentation, archived on the CanSecWest site.
> i'm also not buying into this whole "new attack class" thing. can
> you really call exploiting null derefs (something that we knew
> possible for quite a while) a "new attack class" because you
> "found" a platform-specific way to attack them? i'd say it's a new
> attack vector, if anything.
Vector would imply a simple, single instance, which would
be inappropriate... as Barnaby's class embodies many
individual attack vectors across many pieces of ARM/PXA
code. "Class" is the appropriate term to use.
And though people may have known about exploiting
null derefs through the interrupt vector table, credit goes
to Barnaby for documenting and explaining the methodology
publicly - which if anyone else knew about it, they didn't do.
cheers,
--dr