Dailydave mailing list archives

Re: XP SP2 - "Exploit writers need to stop being such a pussy"


From: H D Moore <hdm-daily-dave () digitaloffense net>
Date: Wed, 11 Aug 2004 12:50:10 -0500

XP Pro comes with the full IIS (5.1) suite; web server, mail server, ftp 
server, etc. I was testing out some older ISAPI overflows on IIS 5.1 w/XP 
SP2, the only significant difference in exploiting them is that all regs 
(cept ebp, esp) are cleared when the exception handler kicks. It took all 
of 30 seconds or so to get the code working. Simply changing the returns 
from jmp/call reg to pop/pop/[...]/ret [1] fixed it right up. SP2 doesn't 
do much at all for third-party applications.

-HD

1. $ ./msfpescan -f nsiislog.dll -s

On Wednesday 11 August 2004 12:30, Halvar Flake wrote:
Hey all,

hrm, why does XP SP2 contain smtpsvc.dll? I wasn't aware XP comes
with its own smtp server.

Cheers,
Halvar
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

