Metasploit mailing list archives
iis50_printer_overflow
From: zodiac at attrition.org (zodiac)
Date: Sat, 4 Mar 2006 13:49:08 -0500 (EST)
Sonixxfx,

In terms of exploit writing in general, I've come across two books that are really top notch.

The Shellcoder's Handbook: Discovering and Exploiting Security Holes by Jack Koziol, et al. -- Very in depth and well written.

Hacking: The Art of Exploitation by Jon Erickson -- I'd recommend tackling this first, the examples are first rate.

Neither of these are free, and they're probably not in a library, but it's a good investment.

Cheers!
-MrZ

On Sat, 4 Mar 2006, Dave Killion wrote:
Sonixxfx,

While I don't have much to offer on exploit-writing in general, I do remember when this issue came out, those many years ago. The original jill.c was the first 'kiddie-script-exploit' that I got working effectively against remote targets.

Here's all the info I can remember about this issue - I don't know how much of it you already have:

http://www.microsoft.com/technet/security/bulletin/ms01-023.asp
http://archives.neohapsis.com/archives/bugtraq/2001-05/0006.html
http://www.securityfocus.com/bid/2674/discuss
http://www.cert.org/advisories/CA-2001-10.html
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2001-0241

Here's a link to the exploit C code I mentioned:

http://personal.telefonica.terra.es/web/alexb/e/jill.c

Maybe looking through it, despite your lack of C knowledge, will help some. It really is compile-and-own script-kiddie-friendly code.

I hope these help...

--
Dave Killion, CISSP
Contributing Author, Configuring NetScreen Firewalls

On 3/3/06, Sonixxfx <sonixxfx at gmail.com> wrote:

It seems to me it would be good to do additional reading on this subject. I have seen some interesting things under the links section on the Metasploit website. Please let me know about other material I should read, especially if it would be a good addition to Vinnie Liu's Chapter.

Thanks.

Regards,
Ben