Tamper-Proofing with Self-Modifying Code

Classical computability theory tells us that self-modifying code SMC on a deterministic universal Turing machine can be simulated by non-SMC code on the same model. That abstraction, however, omits the external timing inputs, concurrency, and microarchitectural state that dominate practical...

Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts

Bulletin ID: AMD-SB-7024 Potential Impact: N/A Severity: N/A Summary AMD is aware of a paper titled ‘SMaCK: Efficient Instruction Cache Attacks via Self-Modifying Code Conflicts,’ published by researchers from Iowa State University and Google®. The research paper attempts to extend data-cache-sid...

MAPLE Computer WBT SNMP Administrator 2.0.195.15 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MAPLE-WBT-SNMP-ADMINISTRATOR-v2.0.195.15-REMOTE-BUFFER-OVERFLOW-CODE-EXECUTION-0DAY.txt + ISR: Apparition Security Vendor www.computerlab.com Product MAPLE Computer WBT SNMP...

Dynamic API Call Tracer for Windows and Linux Applications: Drltrace

Drltrace is a dynamic API calls tracer for Windows and Linux applications designed primarily for malware analysis. Drltrace is built on top of DynamoRIO dynamic binary instrumentation framework. Motivation Malware analysis is not an easy task. Sophisticated software packers like Themida and...

High Throughput Fuzzer: Grr

High Throughput Fuzzer GRR is an x86 to amd64 binary translator. GRR was created to emulate and fuzzer DECREE challenge binaries. GRR was created for the DARPA Cyber Grand Challenge. Features Code cache persistence avoids translation overheads across separate runs. Optimization of the code cache,...

linux/x86 Radically Self Modifying Code 70 bytes

No description provided by source. /-------------------------------------------------------/ / Radically Self Modifying Code for surviving / / toupper and tolower / / / / 70byte execve & exit code by XORt / /-------------------------------------------------------/ "\xeb\x12" / jmp $0x12 / "\x5e" ...

linux/x86 Magic Byte Self Modifying Code 76 bytes

Exploit for linux/x86 platform in category shellcode ================================================= linux/x86 Magic Byte Self Modifying Code 76 bytes ================================================= /-------------------------------------------------------/ / Magic Byte Self Modifying Code for...

linux/x86 Magic Byte Self Modifying Code 76 bytes

No description provided by source. /-------------------------------------------------------/ / Magic Byte Self Modifying Code for surviving / / toupper & tolower / / 76bytes execve exit code by XORt / /-------------------------------------------------------/ "\xeb\x34" / jmp $0x34 revert / "\x5e"...

linux/x86 Magic Byte Self Modifying Code 76 bytes

linux/x86 Magic Byte Self Modifying Code 76 bytes. Shellcode exploit for linx86 platform /-------------------------------------------------------/ / Magic Byte Self Modifying Code for surviving / / toupper & tolower / / 76bytes execve exit code by XORt /...

linux/x86 Radically Self Modifying Code 70 bytes

linux/x86 Radically Self Modifying Code 70 bytes. Shellcode exploit for linx86 platform /-------------------------------------------------------/ / Radically Self Modifying Code for surviving / / toupper and tolower / / / / 70byte execve & exit code by XORt /...

Linux imapd - Remote Overflow File Retrieve

Linux imapd - Remote Overflow File Retrieve / This is the remote exploit of the hole in the imap daemon, for Linux. The instruction code is doing open, write, and close system calls, and it adds a line root::0:0.. at the beggining of /etc/passwd change to /etc/shadow if needed. The code needs to ...