Re: 0day RealServer exploit demo

[admin () gleg net]

Hi,

> On 04 January 2008 08:15, admin () gleg net wrote:
>
> > Hi,
> >
> > > On 03 January 2008 10:26, admin () gleg net wrote:
> > >
> > > > The demonstrated CANVAS module exploits a heap overflow vulnerability
> > > > in RealServer. The exploit was available to our clients since Oct 3, 2007.
> > > >
> > > > Feel free to email me if any questions appear.
> > >
> > >   Ok, since you did say "any questions", I do have a question:
> > >
> > > Q:    What's the bug and how do I trigger it (apart from by buying
> > > VulnDisco)?
> > Honestly, what answer you expect to get from me? ;-)
>
>
>   A silly or humorous one!  :-)
>
>   Plus, maybe, the start of a thread about those SWF demos that people are
> always showing these days.
>
>   Because after all, they're not very exciting to watch, and they're all
> pretty much the same; you see a cursor, it makes a few selections from a few
> dialog boxes, it clicks "Start", a window opens saying that it's a shell and
> that it's running on a different machine...  apart from the text in the
> drop-down box in the dialog when the particular exploit is selected, they're
> all basically identical.  And of course they are all showing you the dull end
> of the exploit, when all the 'action' is taking place at the remote end.  I
> thought it might be interesting to raise the topic of whether they could be
> made more demonstrative and informative yet without giving too much away that
> people don't want to disclose.
>
>   For example, it might be possible to add a little picture-in-picture inset,
> showing a sort of broad overview of the target process' memory space, maybe
> using different colours to show the evil data arriving in the   
> target's memory,
> being processed, and ending up being executed.  Something like that   
> might give
> people a general idea of whether it was a heap or a buffer overflow, and how
> clever/tricky it was, without giving away enough information to even start
> trying to reverse it; but imagine watching a unicode venetian blind exploit
> constructing itself in front of your eyes, or seeing strings being
> concatenated until they spill out of a buffer.  There must be ideas like this
> that could add value to what are otherwise fairly dull demos, don't   
> you think?

Nice thread, any ideas how I could make our demos more interesting  
will be greatly appreciated ;-)

Lately I updated realplayer flash demo, we are using CANVAS to take a  
screenshot.


-- 
Best regards,
Evgeny Legerov

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave