UPX doesn't affect the exploitation: the program has the same code in memory when unpacked and executed, and UPX leaves the code section with writable and executable permissions.
If you cannot execute your shellcode because DEP is activated (stack and heap non-executable), you can ret2libc to a rep movs in the code section and copy the stack (or part of it) to the code section (this section has writable and executable permissions, and you can jump to it to execute easily, with only a ret2libc to code).
Remember, the main executable 90% of the time does not have ASLR, and with UPX you have a section with RWE that is a non-movable target.
Sorry for my bad English.
ricnar
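
From the defensive side, the two conditions named in the post (a section that is both writable and executable, and a main executable without ASLR) can be read directly from the PE headers. The following is an added example, not part of the original post; the helper names `audit_pe` and `build_sample`, and the header-only sample image with its section names and flags, are constructed for illustration.

```python
import struct

SCN_MEM_EXECUTE, SCN_MEM_WRITE = 0x20000000, 0x80000000   # section flags
DLL_DYNAMIC_BASE, DLL_NX_COMPAT = 0x0040, 0x0100          # DllCharacteristics

def audit_pe(data: bytes) -> dict:
    """Report W+X sections and the ASLR / DEP opt-in flags of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)        # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20
    n_sections, opt_size = struct.unpack_from("<H12xH", data, pe_off + 6)
    opt = pe_off + 24                                       # optional header
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    wx = []
    for i in range(n_sections):
        off = opt + opt_size + 40 * i                       # 40-byte entries
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        (flags,) = struct.unpack_from("<I", data, off + 36)
        if flags & SCN_MEM_EXECUTE and flags & SCN_MEM_WRITE:
            wx.append(name)
    return {"aslr": bool(dll_chars & DLL_DYNAMIC_BASE),
            "nx_compat": bool(dll_chars & DLL_NX_COMPAT),
            "wx_sections": wx}

def build_sample(dll_chars: int, sections: list) -> bytes:
    """Constructed header-only PE32 image (no code), just enough to audit."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                   # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    table = b"".join(name.ljust(8, b"\0") + bytes(28) + struct.pack("<I", fl)
                     for name, fl in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table

if __name__ == "__main__":
    # Constructed samples: a packed-style layout and a conventionally linked one
    packed = build_sample(0, [(b"UPX0", 0xE0000080), (b"UPX1", 0xE0000040)])
    normal = build_sample(0x0140, [(b".text", 0x60000020), (b".data", 0xC0000040)])
    for label, image in (("packed", packed), ("normal", normal)):
        print(label, audit_pe(image))
```

To audit a real file, pass `open(path, "rb").read()` to `audit_pe`; an image reporting `aslr: False` together with a non-empty `wx_sections` matches the situation the post describes.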