Talk:JIT spraying

Computer Security: Computing High‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

High

This article has been rated as High-importance on the project's importance scale.

This article is supported by WikiProject Computing (assessed as Low-importance).

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

further resources[edit]

this might come in handy to improve this wikipedia article: http://dsecrg.com/pages/pub/show.php?id=22 134.147.252.130 (talk) 09:04, 22 August 2011 (UTC)[reply]

References[edit]

The Link to "Haifei Li (February 10, 2010). "JIT Spraying in PDF". Fortinet blog. Retrieved 2011-01-22." is dead and should be removed or changed. I wasn't able to find the mentioned resource — Preceding unsigned comment added by 85.177.208.125 (talk) 11:15, 2 September 2011 (UTC)[reply]

address space layout randomization (ASLR) circumvention[edit]

The Article claims that the presented attack would circumvent ASLR but does not explain how. The given example and explanations are targeted at data execution prevention (DEP) circumvention. — Preceding unsigned comment added by 91.65.122.131 (talk) 14:28, 25 July 2018 (UTC)[reply]

removing incomprehensible example. please make a better one[edit]

I don't understand it and I was a mainframe systems programmer in assembler for six years and have a degree in computer science. To what exactly are the XORs applied? The compiler itself? How does XORing machine instructions *ever* result in executable code? How do you "spray" malicious code all over memory without crashing the machine? On top of that, the writer doesn't write English very well. I think this example may be vandalism by a virus writer. Dave Bowman - Discovery Won (talk) 08:53, 26 September 2012 (UTC)[reply]

In 1983, I was a junior programmer in assembler developing a dedicated microcomputer system of my own developement. I was weary of the code being pirated, so, I wrote some critical part of the code in a cryptic way: XORing data in such a way that proper machine instructions would result. The source data for the XORing was the rightful company address data to be displayed to the user. Any change to it would render improper XOR'ed code.

In addition, when the code was complete, I lacked 1 byte of EPROM space for its storage. Fortunately enough, I could manually patch the last routine in the EPROM so that a loop back jump re-entered the routine in the middle of an instruction... with the right resulting code that I needed. I could thus reduce the size of the loop by 1 byte. What a fluke!

Based on my own experience (never intended maliciously) I can say the example is not anything out of the possible. I cannot understand how a six years-experienced, computer-science degree person could not understand these simple techniques. Kurt Artindagi (talk) 09:21, 2 May 2014 (UTC)[reply]

External links modified[edit]

Hello fellow Wikipedians,

I have just added archive links to one external link on JIT spraying. Please take a moment to review my edit. You may add {{cbignore}} after the link to keep me from modifying it, if I keep adding bad data, but formatting bugs should be reported instead. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether, but should be used as a last resort. I made the following changes:

Attempted to fix sourcing for http://blog.fortinet.com/jit-spraying-in-pdf/

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—^{cyberbot II}_{Talk to my owner:Online} 03:25, 31 March 2016 (UTC)[reply]