Technology

No Leak, No Problem – Bypassing ASLR with a ROP Chain to Gain RCE

Source

Hacker News

Published

Nov 14, 2025

TL;DR

AI Generated

The article discusses bypassing ASLR using a ROP chain to achieve Remote Code Execution (RCE) on an IoT target, specifically an INSTAR IP camera. The author details the process of gaining access to the device's firmware, identifying vulnerabilities, and exploiting a stack-based buffer overflow in the fcgi_server binary. The exploit involves chaining gadgets to manipulate registers, dereference addresses, and ultimately gain RCE by redirecting execution flow to the system function. The author also explores the challenges faced in building the ROP chain and the responsible disclosure of the vulnerabilities to the manufacturer.

Read Full Article

Tokyo court rules movie and anime 'spoiler articles' are copyright infringement in landmark criminal case — detailed, monetized plot summaries land man in Japanese prison

A Tokyo court has sentenced a man to 1.5 years in prison and a fine for posting detailed plot summaries of movies and anime, ruling that these "spoiler articles" constitute copyright infringement. The defendant's website shared intricate plot descriptions, leading prosecutors to argue that these articles stole potential sales from copyright owners by dissuading viewers from watching the original content. The case, filed by CODA on behalf of major Japanese studios, sets a new precedent regarding copyright infringement in Japan, particularly focusing on the monetization of illegal plot summaries. This ruling reflects a broader effort by Japanese authorities to crack down on copyright violations, signaling a shift in how intellectual property rights are enforced in the country.

Tom's Hardware•

1 week ago

3DPrint.com

Superman, One Year Later, and the 3D Printing You Didn’t Notice

The article discusses the impact of 3D printing technology on the production of props for movies like "Superman." It highlights how 3D printing has revolutionized the creation of intricate and detailed props that were previously challenging to make. The article also delves into the advancements in 3D printing techniques and materials that have enabled the creation of more realistic and visually appealing props. Additionally, it emphasizes the role of 3D printing in the entertainment industry and its potential for further innovation in prop-making.

3DPrint.com•

4 weeks ago

Integrating Error Propagation Theory Into the FMEDA Framework (Robert Bosch GmbH)

The technical paper by Robert Bosch GmbH introduces a new approach to enhance the accuracy and reliability of safety metrics in functional safety verification of ASICs for automotive systems. Traditional metrics like SPFM and LFM in FMEDA analysis rely on estimations of failure mode distribution and diagnostic coverage, leading to uncertainties and expert judgment dependencies. The proposed method integrates error propagation theory to calculate safety metrics, providing confidence intervals and identifying primary sources of uncertainty through an Error Importance Identifier (EII). This novel approach aims to improve transparency and trustworthiness in FMEDA, enabling more robust ASIC safety verification for ISO 26262 compliance.

SemiEngineering•

4 weeks ago

3DPrint.com

3D Printing News Briefs, March 26, 2026: AMUK, IP Dispute, Asbestos, & More

The article discusses various updates in the 3D printing industry as of March 26, 2026. It covers topics such as the Additive Manufacturing UK (AMUK) conference, an intellectual property dispute involving a 3D printing company, concerns about asbestos exposure in 3D printing materials, and other notable news in the sector. The content appears to be inaccessible due to JavaScript and cookie settings, but it likely delves into the implications of these developments on the 3D printing landscape.