[Dailydave] VPC

Alexander Sotirov alex at sotirov.net
Sun Feb 24 03:39:58 EST 2008


On Thu, Feb 21, 2008 at 07:54:05AM -0500, Dave Aitel wrote:
> So in the Microsoft/Immunity/iSec Defend the Flag class here at BlackHat 
> Federal, I learned the hard way that VPC moves memory all around and 
> your previously great universal addresses don't work. So you'll end up 
> trying really hard to find an address that defeats SafeSEH on 2003 SP0 
> in 15 minutes or less.

Are you talking about Microsoft Virtual PC or something else? What do you
mean by "moves memory all around"? If you boot 2003 SP0 inside a virtual
machine, the Windows kernel is not magically going to gain ASLR support,
so why wouldn't a universal address work?

Alex