Dailydave mailing list archives

Re: Understanding Windows Heap Overflows


From: Matt Conover <mconover () gmail com>
Date: Fri, 7 Oct 2005 03:50:18 -0700

ahh also about the xpsp2 version went.... i had just posted it for a few
weeks because it doesn't seem publication quality to me. but i didn't know
anyone wanted it. so i will leave it in place this time. it is here:
http://www.cybertech.net/~sh0ksh0k/heap
i included in there:
1. a cool article that Kostya Kortchinsky wrote about the original
cansecwest 04 presentation..
it's in french, but it's so well written that even people that don't know
french can understand it :)
2. the original cansecwest 04 presentation
3. the updated xpsp2 presentation that discusses low frag heap and defeating
safe unlinking
4. local proof of concept for pre-xpsp2 and xpsp2
you should change shellcode.[ch] to not use hardcoded addresses
5. remote proof of concept for pre-xpsp1
you should change shellcode.[ch] to not use hardcoded addresses.
again though, it's more appropriate for someone to write a paper. code snippets
and powerpoint presentations are not really adequate for a complex topic
like this one. though, it won't be me... i've spent too much time on it
already, it rots your brain after a while :)
