zlacker

1. blackf+(OP) 2018-01-18 19:45:14
The text-segment of the code containing the machine instructions is in read-only memory. You won't be able to overflow a heap variable with the intention of writing to the text-segment of memory without causing a segfault.
replies(1): >>0x0+Xd
2. 0x0+Xd 2018-01-18 21:12:08
>>blackf+(OP)
But with ROP, there's usually no need to write into the text-segment to execute arbitrary code.
replies(1): >>blackf+WS
3. blackf+WS 2018-01-19 03:56:37
>>0x0+Xd
In order to do ROP, you need to chain together gadgets of code segments, which means you need to be able to see the source code/binary. This doesn't reveal any information about the call stack nor the available libraries to chain together ROP. And that's if stack canaries haven't screwed things up already.
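Added example, not part of the thread: a small C checker for the property the first comment describes, that code pages are mapped without write permission. It parses the Linux `/proc/<pid>/maps` format, counts mappings that are both writable and executable, and reports whether a given address lies in a writable mapping. The `SAMPLE` lines and the `/usr/bin/demo` path are constructed, and a 64-bit `unsigned long` is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not taken from the thread). */
static const char SAMPLE[] =
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo\n"
    "00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/demo\n"
    "00e03000-00e24000 rw-p 00000000 00:00 0 [heap]\n"
    "7ffc7c5e0000-7ffc7c601000 rw-p 00000000 00:00 0 [stack]\n";

struct mapping { unsigned long start, end; char perms[5]; };

/* Parse the mapping at *p and advance *p to the next line; 0 at end of input. */
static int next_mapping(const char **p, struct mapping *m) {
    while (*p && **p) {
        const char *line = *p, *nl = strchr(line, '\n');
        *p = nl ? nl + 1 : NULL;
        if (sscanf(line, "%lx-%lx %4s", &m->start, &m->end, m->perms) == 3)
            return 1;
    }
    return 0;
}

/* Number of mappings that are both writable and executable (W^X violations). */
int count_wx(const char *maps) {
    struct mapping m; int n = 0;
    while (next_mapping(&maps, &m))
        if (m.perms[1] == 'w' && m.perms[2] == 'x') n++;
    return n;
}

/* 1 if addr is in a writable mapping, 0 if mapped read-only, -1 if unmapped. */
int addr_writable(const char *maps, unsigned long addr) {
    struct mapping m;
    while (next_mapping(&maps, &m))
        if (addr >= m.start && addr < m.end) return m.perms[1] == 'w';
    return -1;
}

int main(void) {
    static char buf[1 << 16];
    const char *maps = SAMPLE;               /* fallback when /proc is absent */
    FILE *f = fopen("/proc/self/maps", "r"); /* Linux-only live view */
    if (f) { buf[fread(buf, 1, sizeof buf - 1, f)] = '\0'; fclose(f); maps = buf; }
    printf("W+X mappings: %d, own code writable: %d\n", count_wx(maps),
           addr_writable(maps, (unsigned long)(uintptr_t)&count_wx));
    return 0;
}
```

On a live Linux process the second value is 0 when the page holding `count_wx` is mapped `r-x`; with the constructed fallback the address is normally outside every sample range and the result is -1.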