Framing Signals-A Return to Portable Shellcode

Provided by: Vrije Universiteit
Topic: Hardware
Format: PDF
Signal handling has been an integral part of UNIX systems since the earliest implementation in the 1970s. Now-a-days, the authors find signals in all common flavors of UNIX systems, including BSD, Linux, Solaris, Android, and Mac OS. While each flavor handles signals in slightly different ways, the implementations are very similar. In this paper, they show that signal handling can be used as an attack method in exploits and backdoors. The problem has been a part of UNIX from the beginning, and now that advanced security measures like ASLR, DEP and stack cookies have made simple exploitation much harder; their technique is among the lowest hanging fruit available to an attacker.

Find By Topic