Dailydave mailing list archives
Re: Strcpy
From: Danett song <danett18 () yahoo com br>
Date: Thu, 10 Aug 2006 13:55:34 -0300 (ART)
Hey, I don't have any idea what you are speaking about... The title says strcpy(), in the body you say wcscpy() and a new way to worms, a technique to bypass most new Windows protection... What is this? A new method of exploitation? Or a specific vulnerability? Some link?

Cheers

--- Dave Aitel <dave () immunityinc com> wrote:
So the wcscpy technique is out in Metasploit now, which means we should see a worm forthwith! Such a beautiful bug - obviously you can use the copy to bypass the stack cookies and other protections on XP SP2, which is why it's rated critical for Windows 2003 SP1 and XP SP2... Kinda reminds me of some of Nico's heap overflows.

As a side note, completely off topic, bindiff 2 from Sabre-Security is much much faster and better.

-dave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave