further resources

this might come in handy to improve this Wikipedia article: http://dsecrg.com/pages/pub/show.php?id=22 134.147.252.130 (talk) 09:04, 22 August 2011 (UTC)

References

The link to "Haifei Li (February 10, 2010). "JIT Spraying in PDF". Fortinet blog. Retrieved 2011-01-22." is dead and should be removed or changed. I wasn't able to find the mentioned resource. — Preceding unsigned comment added by 85.177.208.125 (talk) 11:15, 2 September 2011 (UTC)

address space layout randomization (ASLR) circumvention

The article claims that the presented attack would circumvent ASLR but does not explain how. The given example and explanations are targeted at data execution prevention (DEP) circumvention. — Preceding unsigned comment added by 91.65.122.131 (talk) 14:28, 25 July 2018 (UTC)

removing incomprehensible example. please make a better one

I don't understand it and I was a mainframe systems programmer in assembler for six years and have a degree in computer science. To what exactly are the XORs applied? The compiler itself? How does XORing machine instructions *ever* result in executable code? How do you "spray" malicious code all over memory without crashing the machine? On top of that, the writer doesn't write English very well. I think this example may be vandalism by a virus writer. Dave Bowman - Discovery Won (talk) 08:53, 26 September 2012 (UTC)

In 1983, I was a junior programmer in assembler developing a dedicated microcomputer system of my own development. I was wary of the code being pirated, so I wrote some critical parts of the code in a cryptic way: XORing data in such a way that proper machine instructions would result. The source data for the XORing was the rightful company address data to be displayed to the user. Any change to it would render improper XOR'ed code.
In addition, when the code was complete, I lacked 1 byte of EPROM space for its storage. Fortunately enough, I could manually patch the last routine in the EPROM so that a loop-back jump re-entered the routine in the middle of an instruction... with the right resulting code that I needed. I could thus reduce the size of the loop by 1 byte. What a fluke!
Based on my own experience (never intended maliciously) I can say the example is not anything out of the possible. I cannot understand how a person with six years' experience and a computer-science degree could not understand these simple techniques. Kurt Artindagi (talk) 09:21, 2 May 2014 (UTC)
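
The two posts above ask and answer how XORing data can "result in executable code". The following Python is an added illustration, not code from either poster or from the article: it reproduces Kurt's anti-piracy trick (a fixed data string XORed with a derived key yields the intended x86 bytes, and any change to the data breaks them), then shows the same property from the defender's side of JIT spraying: a toy JIT that copies an untrusted 32-bit constant straight into its output leaves that constant verbatim in the code bytes, whereas the standard mitigation known as constant blinding (not mentioned on this talk page; assumed here as the usual fix) emits `imm ^ key` followed by an `xor` that restores the value at run time. The only opcode facts used are `B8 imm32` = `mov eax, imm32` and `35 imm32` = `xor eax, imm32`; the "company address" string, the constant `0x41414141` and the key are constructed sample values.

```python
import os
import struct

# x86 (32-bit) encodings used below (opcode facts, not from the talk page):
#   B8 imm32  ->  mov eax, imm32
#   35 imm32  ->  xor eax, imm32
MOV_EAX_IMM32 = 0xB8
XOR_EAX_IMM32 = 0x35


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(data) != len(key):
        raise ValueError("data and key must have the same length")
    return bytes(d ^ k for d, k in zip(data, key))


def derive_key(code: bytes, data: bytes) -> bytes:
    """Kurt's trick in reverse: given the code you want and the fixed data
    you already ship (his company address), the key is code XOR data."""
    return xor_bytes(code, data)


def decode_code(data: bytes, key: bytes) -> bytes:
    """What the program does at run time: data XOR key gives the code bytes."""
    return xor_bytes(data, key)


# Constructed sample: the "code" is one harmless instruction, mov eax, 0x12345678.
WANTED_CODE = bytes([MOV_EAX_IMM32]) + struct.pack("<I", 0x12345678)
COMPANY_DATA = b"ACME "   # five bytes of constructed "address" data


def tamper_breaks_decode() -> bool:
    """Any one-byte change to the data renders improper code, as Kurt says."""
    key = derive_key(WANTED_CODE, COMPANY_DATA)
    decodes_correctly = decode_code(COMPANY_DATA, key) == WANTED_CODE
    tampered = b"ACMF "                       # one byte changed
    tampered_is_broken = decode_code(tampered, key) != WANTED_CODE
    return decodes_correctly and tampered_is_broken


# --- the JIT side: why a copied-through constant is a problem -----------------

def jit_emit_naive(imm: int) -> bytes:
    """Toy JIT that copies an untrusted 32-bit constant straight into code."""
    return bytes([MOV_EAX_IMM32]) + struct.pack("<I", imm)


def random_key() -> int:
    """Per-emission blinding key; a real JIT draws it from a CSPRNG."""
    return int.from_bytes(os.urandom(4), "little")


def jit_emit_blinded(imm: int, key: int) -> bytes:
    """Constant blinding: emit imm ^ key, then xor the key back at run time,
    so the untrusted value never appears verbatim in the code page."""
    return (bytes([MOV_EAX_IMM32]) + struct.pack("<I", imm ^ key)
            + bytes([XOR_EAX_IMM32]) + struct.pack("<I", key))


def attacker_bytes_present(code: bytes, imm: int) -> bool:
    """Defender's check: does the untrusted constant appear verbatim in the
    emitted code at any byte offset, not only at an instruction boundary?
    (Reaching such bytes from the middle of an instruction is exactly the
    re-entry Kurt describes.)"""
    return struct.pack("<I", imm) in code


def run_eax(code: bytes) -> int:
    """Tiny interpreter for the two opcodes above, to confirm that the naive
    and blinded emitters compute the same value for eax."""
    eax, pc = 0, 0
    while pc < len(code):
        op = code[pc]
        imm = struct.unpack_from("<I", code, pc + 1)[0]
        if op == MOV_EAX_IMM32:
            eax = imm
        elif op == XOR_EAX_IMM32:
            eax ^= imm
        else:
            raise ValueError(f"unsupported opcode {op:#x} at offset {pc}")
        pc += 5
    return eax


if __name__ == "__main__":
    imm, key = 0x41414141, 0x5A3C9F12           # constructed sample values
    print("tamper breaks XOR-decoded code:", tamper_breaks_decode())
    naive, blinded = jit_emit_naive(imm), jit_emit_blinded(imm, key)
    print("naive   :", naive.hex(), "verbatim:", attacker_bytes_present(naive, imm))
    print("blinded :", blinded.hex(), "verbatim:", attacker_bytes_present(blinded, imm))
    print("same result:", run_eax(naive) == run_eax(blinded) == imm)
```

Running it prints the naive output `b841414141` with the constant visible, and the blinded output `b853de7d1b35129f3c5a` without it, while `run_eax` returns `0x41414141` for both; the check in `attacker_bytes_present` is the kind of scan one would run over JIT-emitted pages to confirm blinding is actually applied.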

Hello fellow Wikipedians,

I have just added archive links to one external link on JIT spraying. Please take a moment to review my edit. You may add {{cbignore}} after the link to keep me from modifying it, if I keep adding bad data, but formatting bugs should be reported instead. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether, but should be used as a last resort. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—cyberbot II (talk) 03:25, 31 March 2016 (UTC)