Metasploit mailing list archives
iis50_printer_overflow
From: sonixxfx at gmail.com (Sonixxfx)
Date: Wed, 8 Mar 2006 08:19:15 +0100
Hi, A bit late, but I still want to thank you for your help. When I'll have the time I will continue with this exploit. I am also considering buying one of the two books. Regards, Ben 2006/3/4, zodiac <zodiac at attrition.org>:
Sonixxfx, In terms of exploit writing in general, I've come across two books that are really top notch. The Shellcoder's Handbook: Discovering and Exploiting Security Holes by Jack Koziol, et. al. -- Very in depth and well written. Hacking: The Art of Exploitation by Jon Erickson -- I'd recomend tackling this first, the examples are first rate. Neither of these are free, and they're probably not in a library but it's a good investiment. Cheers! -MrZ On Sat, 4 Mar 2006, Dave Killion wrote:Sonixxfx, While I don't have much to offer on exploit-writing in general, I do remember when this issue came out, those many years ago. The original jill.c was the first 'kiddie-script-exploit' that I got workingeffectivelyagainst remote targets. Here's all the info I can remember about this issue - I don't know howmuchit you already have: http://www.microsoft.com/technet/security/bulletin/ms01-023.asp http://archives.neohapsis.com/archives/bugtraq/2001-05/0006.html http://www.securityfocus.com/bid/2674/discuss http://www.cert.org/advisories/CA-2001-10.html http://nvd.nist.gov/nvd.cfm?cvename=CVE-2001-0241 Here's a link to the exploit C code I mentioned: http://personal.telefonica.terra.es/web/alexb/e/jill.c Maybe looking through it, despite your lack of C knowledge, will helpsome.It really is compile-and-own script-kiddie-friendly code. I hope these help... -- Dave Killion, CISSP Contributing Author, Configuring NetScreen Firewalls On 3/3/06, Sonixxfx <sonixxfx at gmail.com> wrote:It seems to me it would be good to do additional reading on thissubject.I have seen some intresting things under the links section on theMetasploitwebsite. Please let me know about other material I should read,especiallyif it would be a good addtion to Vinnie Liu's Chapter. Thanks. Regards, Ben
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060308/5bc25c76/attachment.htm>
Current thread:
- iis50_printer_overflow Sonixxfx (Mar 02)
- iis50_printer_overflow H D Moore (Mar 02)
- iis50_printer_overflow Sonixxfx (Mar 03)
- iis50_printer_overflow Sonixxfx (Mar 03)
- iis50_printer_overflow Dave Killion (Mar 04)
- iis50_printer_overflow zodiac (Mar 04)
- iis50_printer_overflow Sonixxfx (Mar 07)
- iis50_printer_overflow H D Moore (Mar 07)
- iis50_printer_overflow Michael Boman (Mar 08)
- iis50_printer_overflow Peter Lee (Mar 08)
- iis50_printer_overflow pagvac (Mar 09)
- iis50_printer_overflow Sonixxfx (Mar 03)
- iis50_printer_overflow H D Moore (Mar 02)
- iis50_printer_overflow pagvac (Mar 09)
- iis50_printer_overflow Dave Killion (Mar 09)