Exploit on Systems without Virtual Memory

Hi, I got an SPS (PLC) in my hands with VxWorks 5.5. I played around with some simple buffer overflows.
I got them to work pretty easily with some help from gdb remote debugging and a simple C program that uses strcpy.
The C code looks something like this:
Code:
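#include <string.h>

/* Deliberately vulnerable: strcpy() does no bounds check. */
void broken_function(char *buffer) {
    char tosmallbuffer[130];
    strcpy(tosmallbuffer, buffer);  /* overflows once buffer exceeds 129 chars plus NUL */
}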
My only problem was that you can't say where the stack of your application is going to be loaded, because if you start another application before yours, your stack goes to another address. You can solve this by overwriting a huge memory space, but the risk of overwriting more stacks is really high, so the attack would be recognized pretty fast. :S

Does someone have an idea how they managed that problem 20 years ago? ^^

PS: I ask only out of technical interest. :)
 
Ok, that sounds like virtual memory doesn't really bring a security plus.
It only brings stability to a system, so that no other code can crash through a simple bug, but it makes it much easier to write exploits. Is that right?
 
Hm, yeah, I agree: on systems with vmem and ASLR and so on, you are forced to write a good exploit. But you should also do this on systems like VxWorks to minimize the fingerprint of your attack.

I think your first answer points to the solution, so I'll do some research on how VxWorks 5.5 memory management works.
But I think this'll need some time ;)

Here are some links I found about the VxWorks system.
If someone is interested, here they are:
Programmers-Guide
Some API references
Network Programmers-Guide

Thanks @Xrayn, wish you a nice day
 