[Info-vax] How dangerous is it to be able to get into DCL supervisor mode ?

Simon Clubley clubley at remove_me.eisner.decus.org-Earth.UFP
Mon Jul 3 18:45:15 EDT 2017


On 2017-07-03, Hans Vlems <hvlems at freenet.de> wrote:
> If I understand you well then after crashing DCL your process is left in
> Supervisor mode. Without a CLI how can you exploit that privileged position?

You don't have a process after DCL crashes. The idea is to try and corrupt
DCL just enough to be able to execute your shellcode without corrupting
it enough to actually crash and terminate your process.

If you manage to find a way to obtain this level of control then
that's the point at which a crash becomes an exploit.

However, at the moment, the process crashes with the following final
status (from the accounting log):

Final status text: %SYSTEM-F-NOHANDLER, no condition handler found

> What is worrying me is that you can only get to Supervisor mode through
> Kernel or Exec mode, so finding your way back might get you into one of
> these states. Again without a CLI present (and thus no way to run a handy
> tool ?) it seems difficult if not impossible to do.

I've detailed the answer to this in another posting.

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
