Register spring

In computer security, a register spring is a sort of trampoline. It is a bogus return pointer or Structured Exception Handling (SEH) pointer which an exploit places on the call stack, directing control flow to existing code (within a dynamic-link library (DLL) or the static program binary). This target code in turn consists of a call or jump such as "CALL EBX" or "JMP ESP", where the appropriate processor register was previously prepared by the exploit to point to where the payload code begins.

Sources

Crandall, Jedidiah R.; Wu, S. Felix; Chong, Frederic T. (2005). "Experiences Using Minos as a Tool for Capturing and Analyzing Novel Worms for Unknown Vulnerabilities". in Julisch, Klaus; Krügel, Christopher. Proceedings of the Second International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2005), Vienna, Austria, July 7-8, 2005. Lecture Notes in Computer Science (LNCS). 3548. Springer. pp. 32–50. ISBN 3-540-26613-5. http://www.cs.unm.edu/~crandall/dimvaminos.pdf. Retrieved 2012-04-19.

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Register spring. Read more

Anonymous

Search

Register spring

Namespaces

More

Page actions

Sources

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

Register spring

Sources

Navigation

Wiki tools

Page tools

Other projects

Categories