infoSecond Blog

It is no disloyalty to be a realist. We are mortals. One hopes for the best. One perseveres. One reevaluates constantly. One is an @sshole if one doesn't. - E. B. Farnum

Do they really work directly with the bytes and registers?

In a recent discussion with a student about buffer overflows and related topics, it was called into question just how 'low' an attacker will get where manipulating a running application is concerned. One opinion stated that exploits are written in higher languages and compiled into assembly before transporting to the victim. While this is true in some cases, it is also true that some attacks take place one byte and a time, and one CPU register at a time.

Check out this example...

Ethical Hacking and Computer Forensics

---

Tuesday, June 07, 2005
Posted by SD 

Click Me Links

• infoSecond Home


• Ye Old Dead Blog


• Ad free Amazon Book Search

Recent Posts

• The 12KB Bomb


• NTFS Streams - Everything you need to know (demos ...


• Preserving Digital Evidence to Bring Hackers and A...


• A non-technical description of computer forensics


• Internet Explorer's AutoComplete function


• TCP and Explicit Congestion Notification (ECN bit)


• Hacking a SQL Server


• Documents for your KDE desktop


• Using Rexx for easy Desktop Linux scripting


• A collection of utilities and libraries intended f...

Archives

• April 2005
• May 2005
• June 2005
• July 2005
• August 2005
• September 2005
• October 2005
• November 2005
• December 2005
• January 2006
• February 2006
• March 2006
• April 2006
• May 2006
• August 2006
• September 2006
• October 2006
• November 2006
• January 2007
• March 2007
• April 2007