Alexander Peslyak (Александр Песляк) (born 1977), better known as Solar Designer, is a security specialist from Russia. He is best known for his publications on exploitation techniques, including the return-to-libc attack and the first generic heap-based buffer overflow exploitation technique, as well as computer security protection techniques such as privilege separation for daemon processes. Peslyak is the author of the widely popular password cracking tool John the Ripper. His code has also been used in various third-party operating systems, such as OpenBSD and Debian.


Work

Peslyak has been the founder and leader of the Openwall Project since 1999. He is the founder of Openwall, Inc. and has been the CTO since 2003. He served as an advisory board member at the Open Source Computer Emergency Response Team (oCERT) from 2008 until oCERT's conclusion in August 2017. He also co-founded oss-security. He has spoken at many international conferences, including FOSDEM and CanSecWest. He wrote the foreword to Michał Zalewski's 2005 book Silence on the Wire. Alexander received the 2009 "Lifetime Achievement Award" during the annual Pwnie Award at the Black Hat Security Conference. In 2015 Qualys acknowledged his help with the disclosure of a GNU C Library gethostbyname function buffer overflow.


See also

* Security-focused operating system


External links


* Openwall Project home page
* Solar Designer's pseudo homepage
* http://phrack.org/issues/69/2.html#article