Metasploit mailing list archives
2 nice pop/pop/ret :) (update)
From: class101 at hat-squad.com (class 101)
Date: Wed, 9 Mar 2005 10:01:57 +0100
Here is the result of comparing some huge list of pop/pop/ret of XP SP1, SP1a, SP2 ENGLISH I got 2 universal offsets accross those 3 Os SP2 ENGLISH 0x71ABE325 pop esi - pop - retbis - WS2_32.DLL 0x77E7F69E pop ebx - pop - retbis - RPCRT4.DLL SP1a ENGLISH 0x71ABE325 pop edi - pop - retbis - WS2_32.DLL 0x77E7F69E pop ebx - pop - retbis - KERNEL32.DLL SP1 ENGLISH 0x71ABE325 pop edi - pop - retbis - WS2_32.DLL 0x77E7F69E pop ebx - pop - retbis - KERNEL32.DLL enjoy :) ------------------------------------------------------------- class101 Jr. Researcher Hat-Squad.com -------------------------------------------------------------
Current thread:
- 2 nice pop/pop/ret :) (update) class 101 (Mar 09)
- 2 nice pop/pop/ret :) (update) H D Moore (Mar 09)
- 2 nice pop/pop/ret :) (update) class 101 (Mar 09)
- 2 nice pop/pop/ret :) (update) H D Moore (Mar 09)