@timb_machine
Yeah, I saw the general gist of the exploitation. But what's not clear to me is the whole getting past ASLR.
Yeah, it's only a 32-bit app, but if the exploitation requires 3 different independently randomized things (heap: 14 bits, stack: 12 bits, and binary: 9 bits), that adds up pretty quickly. 🤔
=> More informations about this toot | View the thread | More toots from wdormann@infosec.exchange