Collaborate Disseminate
My understanding is that ASLR randomly arranges the key data areas of a process, and so reading contiguously above a buffer as is done in heartbleed would not be enough to achieve the exploit.
I am analyzing malware and I see that two executables when run in a sandbox made DNS requests for www.epochconverter.com
Why would an attacker risk detection by making a network request to epochconverter.com? What is it nece… Continue reading Why might malware make a DNS request for an epoch time converter?
I am reading “The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)”.
The author claims that x86 code is like English written without punctuation or spaces, so that the words all ru… Continue reading In Return-Oriented Programming how can the machine execute unaligned instructions?