Replying to @m0thran
Just a hair less terrifying than system(3). This still Zoom on Linux? I’m still amazed at the complete lack of compile-time mitigation. Anything in the SHT_NOTE type section that gives a clue how antiquated their toolchain is?
2 replies 0 retweets 15 likes -
Replying to @dotMudge
Nothing explicit in the notes but strings point to: "GCC: (GNU) 4.8.5 20150623". Yeah complete lack of hardening is concerning to say the least. popen() allows for full command string like: HOME="/tmp; touch /tmp/INJECT", so basically system()
2 replies 1 retweet 9 likes -
Replying to @m0thran
Ahhh Zoom. Nothing like using a 5 year out of date tool chain on your flagship product. Lacking every mitigation (DEP, ASLR, stack guards, source fortification, and segment ordering) is impressive. This would be thrown out of many CTFs as too simple and <cough> unrealistic.
3 replies 3 retweets 23 likes -
At least on Windows, I'm not convinced that this is true. pic.twitter.com/h7diFIPRLM
1 reply 0 retweets 5 likes -
I'm also not convinced that this is true on Linux. Sure it's not PIE, but the same is true for many Linux apps on a number of distros. pic.twitter.com/pqOuRa2Vkw
1 reply 0 retweets 0 likes -
/usr/bin/zoom is a symlink to zoomlauncher. Check out the actual bin /opt/zoom/zoom
1 reply 0 retweets 4 likes
Indeed you are correct! I suppose I find it somewhat surprising that two different executables provided by the same package have such drastically different compile-time mitigations enabled. pic.twitter.com/YIA6utQkSd
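
An added example, not code posted by anyone in this thread: a minimal Python check of the header-visible mitigations discussed above (PIE, non-executable stack, RELRO) that reports the symlink-resolved path it actually inspected, so it can be run over every executable a package ships. The `build_sample` helper and the two sample images are constructed for illustration; stack guards and source fortification are not covered because they need symbol-table inspection.

```python
import os
import struct

PT_GNU_STACK, PT_GNU_RELRO, PF_X, ET_DYN = 0x6474E551, 0x6474E552, 0x1, 3

def check_elf64(data):
    """Report PIE, NX stack and RELRO from the headers of a little-endian ELF64 image."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    e_type = struct.unpack_from("<H", data, 16)[0]
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    # ET_DYN also covers shared objects; for a main executable it means PIE.
    # A missing PT_GNU_STACK segment is reported as an executable stack.
    result = {"pie": e_type == ET_DYN, "nx_stack": False, "relro": False}
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            result["nx_stack"] = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            result["relro"] = True
    return result

def check_path(path):
    """Resolve symlinks first and return the path really inspected with its result."""
    real = os.path.realpath(path)
    with open(real, "rb") as f:
        return real, check_elf64(f.read())

def build_sample(e_type, segments):
    """Constructed input: ELF64 header plus program headers only (not a runnable binary)."""
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, len(segments), 0, 0, 0)
    phdrs = b"".join(struct.pack("<II6Q", t, fl, 0, 0, 0, 0, 0, 0) for t, fl in segments)
    return ehdr + phdrs

# Constructed samples: ET_EXEC with an RWX stack vs. ET_DYN with an RW stack and RELRO.
UNHARDENED = build_sample(2, [(PT_GNU_STACK, 7)])
HARDENED = build_sample(3, [(PT_GNU_STACK, 6), (PT_GNU_RELRO, 4)])

if __name__ == "__main__":
    for name, image in (("unhardened", UNHARDENED), ("hardened", HARDENED)):
        print(name, check_elf64(image))
```

Because a launcher and the binary it starts are separate files, `check_path` only tells you about the file the symlink resolves to; each executable in the package needs its own check.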