Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > other security issues & news
Reload this Page Whitehat Shellcode VS Shellcode 2° to heapspray
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old August 1st, 2012, 10:29 PM
trismegistos's Avatar
trismegistos trismegistos is offline
Frequent Poster
  
Join Date: Jan 2009
Posts: 363
Default Whitehat Shellcode VS Shellcode 2° to heapspray
Didier Stevens' CounterHeapSpray

Quote:
By planting its own shellcode before the heap spray can fill the heap with malicious shellcode, CounterHeapSpray not only prevents execution of this malicious shellcode but is able to suspend the process and to inform the user of the attack.
https://blog.didierstevens.com/2012/...nterheapspray/
__________________
-http://www.veteranstoday.com/author/henderson/
-http://www.veteranstoday.com/2013/03/04/the-911-illusion-patsies-beneficiaries/
  #2  
Old August 3rd, 2012, 03:10 AM
STV0726's Avatar
STV0726 STV0726 is offline
Frequent Poster
  
Join Date: Jul 2010
Posts: 868
Default Re: Whitehat Shellcode VS Shellcode 2° to heapspray
EMET 3.6 shall include a new mitigation CounterCounterHeapSpray.
__________________
~ STV0726
OS: Windows 7|SRP|SUA|UAC|EFS|EMET|Firewall|Backup
Resident: Webroot SecureAnywhere 2013|Sandboxie
On-Demand: MBAM|SAS|HMP|Comodo CE|Secunia PSI
Browser: Firefox|Web of Trust|Adblock Plus|NoScript
Hardware/Other: Linksys Router|Norton ConnectSafe DNS
  #3  
Old August 3rd, 2012, 09:33 PM
trismegistos's Avatar
trismegistos trismegistos is offline
Frequent Poster
  
Join Date: Jan 2009
Posts: 363
Default Re: Whitehat Shellcode VS Shellcode 2° to heapspray
Quote:
Originally Posted by STV0726
EMET 3.6 shall include a new mitigation CounterCounterHeapSpray.
A typo, perhaps? Why would EMET counter a CounterHeapSpray.

Yeah, I know about EMET offering a solution against Heap Spray that's why I didn't post this tool in the other anti-malware or other software and services subforum. But perhaps more whitehats will follow the lead of Didier about the concept of a shellcode fighting a malware exploit code.
__________________
-http://www.veteranstoday.com/author/henderson/
-http://www.veteranstoday.com/2013/03/04/the-911-illusion-patsies-beneficiaries/
 

Wilders Security Forums > Other Security Topics > other security issues & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 11:08 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums