The pros and cons of research

Apparently Minh Tran, Mark Etheridge, Tyler Bletsch, Xuxian Jiang, Vincent Freeh and Peng Ning managed to prove that return-to-libc attack can be successfully created with a Turing complete set of instructions. This has been achieved by chaining different functions from libc, enabling the attack to be portable on different operating systems. The paper is not yet available online, but I managed to find a scanned version:

On the expressiveness of return-into-libc attacks (14th International Symposium on Recent Advances in Intrusion Detection conference – RAID 2011)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s