Assume we have a vulnerable C program, we found a buffer overflow vulnerability in it, and we created an exploit for it. Can the same exploit be executed if the vulnerable C program runs on a different machine? Will the memory addresses be the same?
I think the answer is no; they probably won't even be the same when running in the same environment and on the same machine. There is no guarantee that it will have the same address.
A modern-day OS assigns the memory arbitrarily (within certain sections, of course). This technique is called Address Space Layout Randomization. Also, gcc or clang uses -fstack-protector, which prevents buffer overflow attacks.
Hence my final question, which confuses me and makes no sense to me based on this video: how did geohot manage to exploit a buffer overflow attack remotely if the addresses would not be the same? He first did it locally and then remotely. How did he manage to achieve it?
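The address randomization mentioned in the post can be checked directly on a Linux host. The following C program is an added example, not part of the original post: it reads the kernel's ASLR setting and prints where this process's code, stack and heap were placed, so two runs can be compared. It assumes Linux with /proc mounted; the function names `region_bounds` and `aslr_setting` are chosen here for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse one /proc/<pid>/maps line ("start-end perms offset dev inode [path]").
 * Returns 1 and fills start/end when the path field equals `name`, else 0. */
int region_bounds(const char *line, const char *name, uint64_t *start, uint64_t *end)
{
    unsigned long long s, e;
    char perms[8], path[256] = "";
    int n = sscanf(line, "%llx-%llx %7s %*s %*s %*s %255s", &s, &e, perms, path);
    if (n < 3 || strcmp(path, name) != 0)
        return 0;
    *start = s;
    *end = e;
    return 1;
}

/* Returns kernel.randomize_va_space: 0 = off, 1 = stack/mmap/vdso randomized,
 * 2 = heap (brk) randomized as well. Returns -1 if the file cannot be read. */
int aslr_setting(void)
{
    FILE *f = fopen("/proc/sys/kernel/randomize_va_space", "r");
    int v = -1;
    if (f) {
        if (fscanf(f, "%d", &v) != 1)
            v = -1;
        fclose(f);
    }
    return v;
}

int main(void)
{
    char line[512];
    uint64_t s = 0, e = 0;
    void *heap = malloc(16);              /* small allocation, normally from [heap] */
    FILE *maps = fopen("/proc/self/maps", "r");

    printf("randomize_va_space = %d\n", aslr_setting());
    printf("code %p  local %p  malloc %p\n",
           (void *)(uintptr_t)&region_bounds, (void *)&s, heap);
    while (maps && fgets(line, sizeof line, maps))
        if (region_bounds(line, "[stack]", &s, &e) || region_bounds(line, "[heap]", &s, &e))
            printf("%s", line);           /* show only the stack and heap mappings */
    if (maps)
        fclose(maps);
    free(heap);
    return 0;
}
```

With a setting of 2 and a position-independent executable, the printed addresses change from one run to the next; with a setting of 0 they stay the same.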