Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Buffer overflows in packed code
Register Forum Rules FAQ Calendar

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 08-17-2009, 23:43
boeser.hacker
 
Posts: n/a
Buffer overflows in packed code
Hi,

I have doubts about my understanding how/if packers protect against injecting shellcode. Take for example this analysis of the SKYPE software:
http://www.secdev.org/conf/skype_BHEU06.handout.pdf

As far as I understood this paper, those guys found a buffer overflow in the unpacked SKYPE code in the RAM. Apparently, they could exploit it and were able to inject shell code.

Of course, some chunks of code have to be unpacked in RAM. And as you do not need to inject packed shell code, you can do it. Seems to be clear to me.

So, packing does not complicate the exploitation of buffer overflows? It just complicates to find the buffer overflows?

Or am I wrong somehow?

boeser.hacker
Reply With Quote
 

Tags
buffer overflow, exploit, packer

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Stack Buffer Overflows Dr.FarFar General Discussion 0 11-21-2023 18:04
Buffer Overflow in SentinelLM Service prt General Discussion 0 03-19-2005 05:20
Creating a buffer overflow ? Rhodium General Discussion 6 08-19-2003 04:39


All times are GMT +8. The time now is 11:25.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )