Re: development of wordpad exploit

[huuskone () CC HELSINKI FI (Taneli Huuskonen)]

-----BEGIN PGP SIGNED MESSAGE-----

> > I light of the latest windows vulnerability in wordpad, it would be great if
> > in this forum we could develop an exploit for it.  As of now details of the
> > vulnerability are on the net, however no exploit exists yet.  This would be an
> > excellent opportunity for all of us who don't really know how to code exploits
> > (yet) to see all the details of developing one.  Anyone else like this idea?!?
>
>
> I would like to actually, I understand what a buffer overflow is how they work
> and why they work.  But I have never coded one.  I know C and have dabbled in
> assembly but am just shy of what I need to code my own exploit.  I have read
> _every_ buffer-overflow paper out there and even worked on my own shell code.
> (nah I didnt get it to work, probably messed up and address calulation).  I
> personally think this would be the perfect forum for such a project.
>
>
> - Larry W. Cashdollar

I'm interested as well.  I once wrote my own exploit for a buffer
overflow in Linux from scratch, but I don't know how to do it under
Windows.  Always willing to learn. :-)

Anyone got a good debugger and a C compiler for Windows?

Taneli Huuskonen

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQB1AwUBODWC7QUw3ir1nvhZAQHAzAL9F3yvVOjZOR0JzNNhSeoZ/vx/uzwdhv3m
27t2bCDWro6zL4C82lrjLriwN7/ERkIqyoS4Snv2kYLI+KvtyvNwAJPC1Jqpf5iQ
MsAQqWpRmn3f560lPr3CjC/vhWdrPyjw
=lk7L
-----END PGP SIGNATURE-----

--
I don't   | All messages will be PGP signed,  | Fight for your right to
speak for | encrypted mail preferred.  Keys:  | use sealed envelopes.
the Uni.  | http://www.helsinki.fi/~huuskone/ | http://www.gilc.org/