Re: Strcpy

[Danett song <danett18 () yahoo com br>]

hey,

don't have idea about you are speaking... the title
say strcpy() in the body you say wcscpy() and a new
way to worms, a technique to bypass most new windows
protection... what is this? a new method of
exploitation? or a specific vulnerability? some link?

Cheers


--- Dave Aitel <dave () immunityinc com> escreveu:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> So the wcscpy technique is out in Metasploit now,
> which means we should
> see a worm forthwith! Such a beautiful bug -
> obviously you can use the
> copy to bypass the stack cookies and other
> protections on XP SP2, which
> is why it's rated critical for Windows 2003 SP1 and
> XP SP2...
>
> Kinda reminds me of some of Nico's heap overflows.
>
> As a side note, completely off topic, bindiff 2 from
> Sabre-Security is
> much much faster and better.
>
> - -dave
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (MingW32)
iD8DBQFE2z21tehAhL0gheoRAhUGAJsFjFvx9H1jMD6/scyYbrowGN+EYwCeMl6s
> b5texAGclWXrpIXM8iUMZzQ=
> =CBbb
> -----END PGP SIGNATURE-----
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
>



                
_______________________________________________________ 
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora! 
http://br.mobile.yahoo.com/mailalertas/ 
 

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave