Metasploit mailing list archives

XMPlayer PLS Buffer Overflow Module


From: hdm at metasploit.com (H D Moore)
Date: Tue, 28 Nov 2006 22:19:15 -0600

FYI, you can also use 'memdump.exe' in the tools directory of v2.7. This 
will create a directory containing the process image broken into files 
based on the virtual address. The msfpescan -d <dir> option can be used 
to find return addresses in the memdump.exe output. Just cross-reference 
the opcode matches with the virtual addresses to determine which ones 
fall into the application's DLLs.

Really short on free time lately, or I would do it myself :-/

-HD

On Tuesday 28 November 2006 21:58, Greg Linares wrote:
Hate to double post, but that tool Jerome mentioned is called EEReap
from eEye. If no one grabs a universal address by tomorrow I'll
probably dive in and try for it :)


