Metasploit mailing list archives
learning buffer overflows
From: tyronmiller at gmail.com (Ty Miller)
Date: Mon, 29 Jan 2007 10:40:30 +1100
Hi, Not sure how far along you are with your exploit writing; however, I posted recently asking a similar question about where I should start and was referred to the following articles which are all fantastic! ... Ready to get my hands dirty! ;o) Writing Exploits III (awesome detail and explanations) http://www.syngress.com/book_catalog/327_SSPC/sample.pdf Simple Metsploit in Action! (practical tutorial) http://www.milw0rm.com/papers/125 Writing Metasploit Plugins http://packetstormsecurity.org/hitb06/DAY_1_-_Saumil_Shah_-_Writing_Metasplo it_Plugins.pdf Exploit Development: GroupWise Messenger Server http://www.milw0rm.com/papers/56 Security Whitepapers - hacking tutorials https://www.securinfos.info/english/security_papers_hacking_whitepapers.php Milworm Papers http://www.milw0rm.com/papers/ Up & Running with the Metasploit Framework https://www.sans.org/athome/details.php?nid=1956 Uninformed http://www.uninformed.org/ Hope this helps, Ty -----Original Message----- From: /dev/null [mailto:exceed at email.si] Sent: Monday, 29 January 2007 9:54 AM To: framework at metasploit.com Subject: [framework] learning buffer overflows Hi, first off, sorry for being offtopic and unpolite. I know this is not the right list for questions like mine, but anyway... people here are nice and they have knowledge so maybe someone will help... I'm trying to learn buffer overflows and have already conqured some basic knowledge. But when it comes to the "real thing" BOFs could be real PITA. Recently I came across buffer overflow in Multicast Information (mrinfo.exe) in Windows XP SP2. I didn't find this issue myself of course. This is an old and well known bug. To cut a long and boring story short. Here's the link with (wanna be) perl exploit: http://localhostr.com/files/0dd54859f6734930a94b.zip If anyone is willing to help - more informations and questions are included in perl script. Thank you very much. /ex. ____________________ http://www.email.si/
Current thread:
- learning buffer overflows /dev/null (Jan 28)
- learning buffer overflows Robert Clark (Jan 28)
- <Possible follow-ups>
- learning buffer overflows Ty Miller (Jan 28)