Full Disclosure mailing list archives
Re: Nice call to ebx found
From: Thierry Haven <thierry.haven () xmcopartners com>
Date: Fri, 11 Feb 2005 10:55:41 +0100
Nice one indeed... However this is not the case for Windows XP because the code was recompiled and/or modified with the introduction of the SP2. I guess you noticed it before I did, anyway ... ;)
Windows XP SP1 (French) - call @ 0x77BFD24C - msvcrt.dll Windows XP SP2 (French) - call @ 0x77BFE89C - msvcrt.dll _______________________________________ Thierry Haven - Xmco Partners Security Consulting / Pentest web : http://www.xmcopartners.com class 101 wrote:
During the build of an exploit , I have found with the help of Dwarf, a nice call to ebx for the win2k platforms,pro *_AND_* server, *_SP4's_* serie, *_ALL _*languages. This might help some people to point out this.0x7801B008.msvcrt.dll -------------------------------------------------------------class101 Jr. Researcher Hat-Squad.com ------------------------------------------------------------- ------------------------------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Nice call to ebx found class 101 (Feb 09)
- Re: Nice call to ebx found Thierry Haven (Feb 11)
- smtpsvc and undocumented registry values Thierry Haven (Feb 23)
- Re: smtpsvc and undocumented registry values Andres Tarasco (Feb 23)
- smtpsvc and undocumented registry values Thierry Haven (Feb 23)
- <Possible follow-ups>
- Re: Nice call to ebx found class 101 (Feb 11)
- Re: Nice call to ebx found Thierry Haven (Feb 11)