OS Security (Basics 1)

Most modern operating systems include some form of memory protection, such as DEP and ASLR.

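In a review of Android 4.1 Jelly Bean published this week (Serial hacker says latest Android will be “pretty hard” to exploit), security expert Jon Oberheide said that Jelly Bean uses Address Space Layout Randomization (ASLR). With randomization, memory locations, the stack and other data structures are all placed at random, so it is hard to find a vulnerability and attack it successfully by inferring memory addresses. True to its name: you can't guess where I am.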
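To make the randomization described above concrete, here is an added example (not from the original post) that compares the memory layout of two runs of one program and reports which regions moved. The two `/proc/<pid>/maps` excerpts, the binary name `/usr/bin/demo` and all addresses are constructed, and the example goes slightly beyond the post by showing a Linux executable not built as position-independent (PIE), which keeps a fixed base while stack, heap and libraries move.

```python
import re

# Constructed /proc/<pid>/maps excerpts from two runs of the same hypothetical
# binary /usr/bin/demo (all addresses are made up for illustration).
RUN_A = """\
00400000-00452000 r-xp 00000000 08:01 131 /usr/bin/demo
01c3b000-01c5c000 rw-p 00000000 00:00 0 [heap]
7f3a1c200000-7f3a1c3c0000 r-xp 00000000 08:01 977 /lib/libc.so.6
7ffd4a1e0000-7ffd4a201000 rw-p 00000000 00:00 0 [stack]
"""
RUN_B = """\
00400000-00452000 r-xp 00000000 08:01 131 /usr/bin/demo
00e91000-00eb2000 rw-p 00000000 00:00 0 [heap]
7f91e8600000-7f91e87c0000 r-xp 00000000 08:01 977 /lib/libc.so.6
7ffc0b7c4000-7ffc0b7e5000 rw-p 00000000 00:00 0 [stack]
"""

# start-end perms offset dev inode [label]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$")

def parse_maps(text):
    """Return {label: lowest start address} for each named mapping."""
    bases = {}
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        start, label = int(m.group(1), 16), m.group(4).strip()
        if label:  # anonymous mappings have no stable name to compare
            bases[label] = min(start, bases.get(label, start))
    return bases

def compare_runs(maps_a, maps_b):
    """Classify each region seen in both runs as 'randomized' or 'fixed'."""
    a, b = parse_maps(maps_a), parse_maps(maps_b)
    return {name: ("randomized" if a[name] != b[name] else "fixed")
            for name in sorted(a.keys() & b.keys())}

def fixed_executable_regions(maps_a, maps_b):
    """Executable mappings that ASLR left at the same, predictable base."""
    status = compare_runs(maps_a, maps_b)
    exec_labels = set()
    for line in maps_a.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m and "x" in m.group(3) and m.group(4).strip():
            exec_labels.add(m.group(4).strip())
    return sorted(n for n in exec_labels if status.get(n) == "fixed")

if __name__ == "__main__":
    for name, state in compare_runs(RUN_A, RUN_B).items():
        print(f"{name:20} {state}")
    print("fixed executable regions:", fixed_executable_regions(RUN_A, RUN_B))
```

Any region reported as fixed and executable is a gap in ASLR coverage; rebuilding that binary as position-independent closes it.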

ASLR and DEP did not come from M$; both originated in the Linux PaX Project (2001).

However, hard to break does not mean unbreakable. null security has a paper on how to defeat ASLR, using Windows as the example.

Also, in the Windows world there are already cases where DEP and ASLR have been broken. At the 2010 Pwn2Own hacking contest, a contestant used a heap overflow attack against IE 8, together with a zero-day vulnerability he discovered in the browser to bypass Windows 7’s built-in anti-exploit features, and defeated Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).

So wherever there are people and a target worth going after, it is hard to imagine hackers not getting to work. Hahahaha