Talk:JIT spraying
This article is rated Stub-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||
|
further resources
editthis might come in handy to improve this wikipedia article: http://dsecrg.com/pages/pub/show.php?id=22 134.147.252.130 (talk) 09:04, 22 August 2011 (UTC)
References
editThe Link to "Haifei Li (February 10, 2010). "JIT Spraying in PDF". Fortinet blog. Retrieved 2011-01-22." is dead and should be removed or changed. I wasn't able to find the mentioned resource — Preceding unsigned comment added by 85.177.208.125 (talk) 11:15, 2 September 2011 (UTC)
address space layout randomization (ASLR) circumvention
editThe Article claims that the presented attack would circumvent ASLR but does not explain how. The given example and explanations are targeted at data execution prevention (DEP) circumvention. — Preceding unsigned comment added by 91.65.122.131 (talk) 14:28, 25 July 2018 (UTC)
removing incomprehensible example. please make a better one
editI don't understand it and I was a mainframe systems programmer in assembler for six years and have a degree in computer science. To what exactly are the XORs applied? The compiler itself? How does XORing machine instructions *ever* result in executable code? How do you "spray" malicious code all over memory without crashing the machine? On top of that, the writer doesn't write English very well. I think this example may be vandalism by a virus writer. Dave Bowman - Discovery Won (talk) 08:53, 26 September 2012 (UTC)
- In 1983, I was a junior programmer in assembler developing a dedicated microcomputer system of my own developement. I was weary of the code being pirated, so, I wrote some critical part of the code in a cryptic way: XORing data in such a way that proper machine instructions would result. The source data for the XORing was the rightful company address data to be displayed to the user. Any change to it would render improper XOR'ed code.
- In addition, when the code was complete, I lacked 1 byte of EPROM space for its storage. Fortunately enough, I could manually patch the last routine in the EPROM so that a loop back jump re-entered the routine in the middle of an instruction... with the right resulting code that I needed. I could thus reduce the size of the loop by 1 byte. What a fluke!
- Based on my own experience (never intended maliciously) I can say the example is not anything out of the possible. I cannot understand how a six years-experienced, computer-science degree person could not understand these simple techniques. Kurt Artindagi (talk) 09:21, 2 May 2014 (UTC)
External links modified
editHello fellow Wikipedians,
I have just added archive links to one external link on JIT spraying. Please take a moment to review my edit. You may add {{cbignore}}
after the link to keep me from modifying it, if I keep adding bad data, but formatting bugs should be reported instead. Alternatively, you can add {{nobots|deny=InternetArchiveBot}}
to keep me off the page altogether, but should be used as a last resort. I made the following changes:
- Attempted to fix sourcing for http://blog.fortinet.com/jit-spraying-in-pdf/
When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}
).
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}}
(last update: 5 June 2024).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—cyberbot IITalk to my owner:Online 03:25, 31 March 2016 (UTC)