Quote:
Originally Posted by arnix
>>Or am I wrong somehow?
No, you are right, "packing does not complicate the exploitation of buffer overflows".
This is a rather strange question, where did you hear that simple packing may prevent buffer overflow exploitation?
|
Thanks for your answer. While testing software, I frequently find buffer overflows. Instead of
fixing the problem, people often try to complicate things (e.g. installing Address space layout randomization software).
The newest trick one of the programmers suggested was using UPX, because "the hacker needs encrypted shellcode"
I doubt it, but as I am not too experienced in these topics, I just wanted some backup opinion. Thanks for it!
boeser.hacker