1 Mar
2013
1 Mar
'13
5:15 p.m.
On Thu, Feb 28, 2013 at 07:25:22PM -0500, David Riley wrote:
On Feb 28, 2013, at 4:17 PM, Dave Wade wrote:
But running buffer overflow exploits with x86 specific machine code
payloads isn't going to get you anywhere on ARM. And there are software
based mitigation techniques that can seriously limit the impact of
buffer overflow exploits - the machine architecture based obscurity
defense won't protect you for long.
Kind regards,
Alex.
--
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison
I haven't heard of any. It's a modern
linux and most tasks run as non-root.
In addition on its a non-standard chip set so standard buffer over runs
don't work.
Er, what? Buffer overruns are the same regardless of what chipset
you run, at least as long as your stack grows downwards (most stacks,
including ARMs' stacks, do). Stack headspace randomization, which
is generally a software thing, can cause the code intended to be
executed by a buffer overrun fail (since there's no static offset to
branch to), but it's not a feature of the hardware on most machines.