RE: hPRoTeCT Labs Releases vulnfind (hprotect () hushmail com)

[Alexander.Haeussler () ZF-Lenksysteme com]

---- Ascom Comment ----
> Date: Wed, 27 Apr 2005 11:57:15 -0700
> From: <hprotect () hushmail com>
> Subject: [Full-disclosure] hPRoTeCT Labs Releases vulnfind
> To: <full-disclosure () lists grok org uk>
> Message-ID: <200504271857.j3RIvMQu075079 () mailserver2 hushmail com>
>
> hPRoTeCT Labs is pleased to announce the release of vulnfind, an 
> automated universal vulnerability discovery and exploitation 
> engine. vulnfind permits the universal and automated discovery of 
> vulnerabilities across all Windows XP platforms via the 
> instrumentation of shared library code responsible for virtually 
> all vulnerabilities. An advanced 'detours' hook library instruments 
> the shared library code responsible for 'strcpy', a major cause of 
> vulnerabilities, and notifies when the saved frame pointer and 
> return address ('ebp' and 'eip') will be compromised due to excess 
> string length. In addition, vulnfind permits vulnerability 
> discovery and penetration tests alike via run-time replacement of 
> the compromised return address ('eip') with an address of memory-
> resident shellcode resident in the memory of the process.
>
> vulnfind is released as open 'c' source and it will be ported to 
> 'c++' in the coming weeks. vulnfind, along with over 250 other c, 
> cpp, cxx, and h files written by hPRoTeCT staff, is available via 
> the hPRoTeCT Labs home page, in addition to over 250 other 
> projects.

What is the URL for the hPRoTeCT Labs home page? You forgot to include the
link in the posting

> The availability of additional projects will be announced to all 
> mailing lists upon becoming available.
>
> Wiley Miller
> Product Manager, hPRoTeCT Labs

---- Ascom IDEAsecure SIGNED MESSAGE ----
BASE64
AAEBAAACAQAAAwAAAgIAAAjRgAEAAAbGgAIAAAa0AAQAAAACAAIAAgAABpg+IERhdGU6IF
dlZCwgMjcgQXByIDIwMDUgMTE6NTc6MTUgLTA3MDANCj4gRnJvbTogPGhwcm90ZWN0QGh1
c2htYWlsLmNvbT4NCj4gU3ViamVjdDogW0Z1bGwtZGlzY2xvc3VyZV0gaFBSb1RlQ1QgTG
FicyBSZWxlYXNlcyB2dWxuZmluZA0KPiBUbzogPGZ1bGwtZGlzY2xvc3VyZUBsaXN0cy5n
cm9rLm9yZy51az4NCj4gTWVzc2FnZS1JRDogPDIwMDUwNDI3MTg1Ny5qM1JJdk1RdTA3NT
A3OUBtYWlsc2VydmVyMi5odXNobWFpbC5jb20+DQo+IA0KPiBoUFJvVGVDVCBMYWJzIGlz
IHBsZWFzZWQgdG8gYW5ub3VuY2UgdGhlIHJlbGVhc2Ugb2YgdnVsbmZpbmQsIGFuIA0KPi
BhdXRvbWF0ZWQgdW5pdmVyc2FsIHZ1bG5lcmFiaWxpdHkgZGlzY292ZXJ5IGFuZCBleHBs
b2l0YXRpb24gDQo+IGVuZ2luZS4gdnVsbmZpbmQgcGVybWl0cyB0aGUgdW5pdmVyc2FsIG
FuZCBhdXRvbWF0ZWQgZGlzY292ZXJ5IG9mIA0KPiB2dWxuZXJhYmlsaXRpZXMgYWNyb3Nz
IGFsbCBXaW5kb3dzIFhQIHBsYXRmb3JtcyB2aWEgdGhlIA0KPiBpbnN0cnVtZW50YXRpb2
4gb2Ygc2hhcmVkIGxpYnJhcnkgY29kZSByZXNwb25zaWJsZSBmb3IgdmlydHVhbGx5IA0K
PiBhbGwgdnVsbmVyYWJpbGl0aWVzLiBBbiBhZHZhbmNlZCAnZGV0b3VycycgaG9vayBsaW
JyYXJ5IGluc3RydW1lbnRzIA0KPiB0aGUgc2hhcmVkIGxpYnJhcnkgY29kZSByZXNwb25z
aWJsZSBmb3IgJ3N0cmNweScsIGEgbWFqb3IgY2F1c2Ugb2YgDQo+IHZ1bG5lcmFiaWxpdG
llcywgYW5kIG5vdGlmaWVzIHdoZW4gdGhlIHNhdmVkIGZyYW1lIHBvaW50ZXIgYW5kIA0K
PiByZXR1cm4gYWRkcmVzcyAoJ2VicCcgYW5kICdlaXAnKSB3aWxsIGJlIGNvbXByb21pc2
VkIGR1ZSB0byBleGNlc3MgDQo+IHN0cmluZyBsZW5ndGguIEluIGFkZGl0aW9uLCB2dWxu
ZmluZCBwZXJtaXRzIHZ1bG5lcmFiaWxpdHkgDQo+IGRpc2NvdmVyeSBhbmQgcGVuZXRyYX
Rpb24gdGVzdHMgYWxpa2UgdmlhIHJ1bi10aW1lIHJlcGxhY2VtZW50IG9mIA0KPiB0aGUg
Y29tcHJvbWlzZWQgcmV0dXJuIGFkZHJlc3MgKCdlaXAnKSB3aXRoIGFuIGFkZHJlc3Mgb2
YgbWVtb3J5LQ0KPiByZXNpZGVudCBzaGVsbGNvZGUgcmVzaWRlbnQgaW4gdGhlIG1lbW9y
eSBvZiB0aGUgcHJvY2Vzcy4NCj4gDQo+IHZ1bG5maW5kIGlzIHJlbGVhc2VkIGFzIG9wZW
4gJ2MnIHNvdXJjZSBhbmQgaXQgd2lsbCBiZSBwb3J0ZWQgdG8gDQo+ICdjKysnIGluIHRo
ZSBjb21pbmcgd2Vla3MuIHZ1bG5maW5kLCBhbG9uZyB3aXRoIG92ZXIgMjUwIG90aGVyIG
MsIA0KPiBjcHAsIGN4eCwgYW5kIGggZmlsZXMgd3JpdHRlbiBieSBoUFJvVGVDVCBzdGFm
ZiwgaXMgYXZhaWxhYmxlIHZpYSANCj4gdGhlIGhQUm9UZUNUIExhYnMgaG9tZSBwYWdlLC
BpbiBhZGRpdGlvbiB0byBvdmVyIDI1MCBvdGhlciANCj4gcHJvamVjdHMuDQoNCldoYXQg
aXMgdGhlIFVSTCBmb3IgdGhlIGhQUm9UZUNUIExhYnMgaG9tZSBwYWdlPyBZb3UgZm9yZ2
90IHRvIGluY2x1ZGUgdGhlIGxpbmsgaW4gdGhlIHBvc3RpbmcNCg0KPiANCj4gVGhlIGF2
YWlsYWJpbGl0eSBvZiBhZGRpdGlvbmFsIHByb2plY3RzIHdpbGwgYmUgYW5ub3VuY2VkIH
RvIGFsbCANCj4gbWFpbGluZyBsaXN0cyB1cG9uIGJlY29taW5nIGF2YWlsYWJsZS4NCj4g
DQo+IFdpbGV5IE1pbGxlcg0KPiBQcm9kdWN0IE1hbmFnZXIsIGhQUm9UZUNUIExhYnMNCg
ADAAAACEJvZHkudHh0gAcAAAAGAAwAAAAAgAUAAAH5ABIAAAAEQnXrzgAKAAAAogMBAQEA
ECvHdu2zGcZYnr4GlDOG6FEACPycWCgexBR5AIBAr8VSPfPwADRbHQLdLwynPfKeZqbuzw
aiwwJitKFu7Fow2o32LgQS1V8TROx/keJTlGvyP2k57dTy4UuChwlRdHBkZstrx+KHZLVc
quSvuPOTTW77cXCtyU5wjQHBpKJ3RaJir78fecvLE7twD2CigIeHClmfSoE5oaJ7D2TsCg
AWAAAAgIF1Q2zUXiPnIdL8haKRVGACtQsn0OceqpKCCBy75YH5O8pA9KuSv3HbalQJcwJH
/GgKcN7ucMH9NmM6w7eAJSjOCXpu/Qu3CSs58bm3w0ShIuXBDrhOqI+jAOeWARmcAJ08Ri
Rt2YJ1EROWmUc91TzPqSZInP0p28qVhPMrP6o0ABcAAAACAAEAFAAAACQvbz1aRi9vdT1a
RkcvY249UmVjaXBpZW50cy9jbj1HNTE3NzQAEQAAACUvbz1aRi9vdT1aRkcvY249UmVjaX
BpZW50cy9jbj1yb290LWNhABAAAAADD0V0AAYAAAAI/JxYKB7EFHkAGAAAABtIYWV1c3Ns
ZXIgQWxleGFuZGVyIFNHRCBGSVcAGQAAACZBbGV4YW5kZXIuSGFldXNzbGVyQFpGLUxlbm
tzeXN0ZW1lLmNvbQAPAAAAAAMBC3k=
---- Ascom IDEAsecure End Message ----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/