Metasploit mailing list archives

2 nice pop/pop/ret :)

From: class101 at hat-squad.com (class 101)
Date: Wed, 9 Mar 2005 09:53:56 +0100

Here is the result of comparing some huge list of pop/pop/ret of XP SP1,
SP1a, SP2 ENGLISH

I got 2 universal offsets accross those 3 Os

SP2 ENGLISH

0x71ABE325 pop esi - pop - retbis
0x77E7F69E pop ebx - pop - retbis

SP1a ENGLISH

0x71ABE325 pop edi - pop - retbis
0x77E7F69E pop ebx - pop - retbis

SP1 ENGLISH

0x71ABE325 pop edi - pop - retbis
0x77E7F69E pop ebx - pop - retbis


enjoy :)


-------------------------------------------------------------
class101
Jr. Researcher
Hat-Squad.com
-------------------------------------------------------------

Current thread:

2 nice pop/pop/ret :) class 101 (Mar 09)