wow this is great; is there any good resource on how an info leak gets promoted to a reliable exploit?
-
Security researcher people would know, but I don't know of one offhand.
-
tl;dr; info leaks defeat ASLR by revealing the address of a valid stack or heap object, so now you know where to attack
-
that's the defn, but you're using the leak to find your ROP widgets and build a full computation env right?
-
so in the absence of a "good" exploit env, it's unclear how to reliably promote a random address into something good.
-
Not quite sure what you mean, but if you’re asking if you need another exploit to weaponize the info leak, yes, you do.