- Subject: Re: Bytecode abuse in Lua 5.2 (-work4)
- From: HyperHacker <hyperhacker@...>
- Date: Sat, 21 Aug 2010 22:01:33 -0600
On Sat, Aug 21, 2010 at 21:43, Martin Guy <martinwguy@gmail.com> wrote:
> Was this really worth posting to the entire list?
>
> On 8/22/10, Majic <majic.one@gmail.com> wrote:
>> Very informative, thanks! :o
>>
>> On Sat, Aug 21, 2010 at 3:22 PM, Peter Cawley <lua@corsix.org> wrote:
>> > As anyone who has tracked Lua 5.2's development will likely know, the
>> > bytecode verifier was removed, and the responsibility shifted to the
>> > end-developer to ensure that bytecode from untrusted sources couldn't
>> > be loaded. To show just how important this responsibility is, I've
>> > written up a pure Lua module for the default Lua 5.2 (-work4)
>> > interpreter which can read and write arbitrary memory locations. The
>> > only thing standing between this and a generic
>> > arbitrary-code-execution exploit is DEP (hardware/OS level memory page
>> > protection preventing where code can be executed from).
>> >
>> > The code is available at:
>> > http://www.corsix.org/lua/bytecode_abuse_0_1.lua
>> >
>>
>
Well I enjoyed it, but then I'm crazy like that. :-p
--
Sent from my toaster.
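
An added example, not part of the thread or of the module linked in it: one way an application can meet the responsibility described in the quoted post, by refusing precompiled chunks and compiling source text only. It assumes Lua 5.1 or a released Lua 5.2+ whose `load` accepts a mode argument; `load_text_only` and `loadfile_text_only` are hypothetical names, and the inputs at the end are constructed.

```lua
-- Added example (not from the thread): accept Lua source text only.
local ESC = "\27" -- first byte of the "\27Lua" header of a precompiled chunk

-- Compile `source` only if it is text. Returns a function, or nil + message.
local function load_text_only(source, chunkname, env)
  if type(source) ~= "string" then
    return nil, "source must be a string"
  end
  if source:sub(1, 1) == ESC then
    return nil, "precompiled chunk rejected"
  end
  if setfenv then -- Lua 5.1: loadstring has no mode argument
    local fn, err = loadstring(source, chunkname)
    if fn and env then setfenv(fn, env) end
    return fn, err
  end
  -- Released Lua 5.2+: mode "t" makes load itself refuse binary chunks.
  -- Pass env only when given; an explicit nil would become the chunk's _ENV.
  if env ~= nil then
    return load(source, chunkname, "t", env)
  end
  return load(source, chunkname, "t")
end

-- File variant. loadfile skips a first line starting with "#" before it
-- looks for the binary header, so drop that line here before the check.
local function loadfile_text_only(path, env)
  local f, err = io.open(path, "rb")
  if not f then return nil, err end
  local source = f:read("*a")
  f:close()
  if source:sub(1, 1) == "#" then
    local nl = source:find("\n", 1, true)  -- plain find, safe on binary data
    source = nl and source:sub(nl) or ""   -- keep "\n" so line numbers match
  end
  return load_text_only(source, "@" .. path, env)
end

-- Constructed demo inputs: one precompiled chunk, two text chunks.
local binary = string.dump(function() return 1 end)
assert(load_text_only(binary) == nil)                         -- rejected
assert(load_text_only("return 1 + 1")() == 2)                 -- text accepted
assert(load_text_only("return x", "=demo", { x = 7 })() == 7) -- custom env
```

Untrusted input should reach the interpreter only through wrappers like these; any remaining path to `load`, `loadstring`, `loadfile`, `dofile` or `require` that accepts attacker-supplied bytes bypasses the check.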