Metasploit mailing list archives
MS08-067 added to SVN trunk (3.2-testing)
From: hdm at metasploit.com (H D Moore)
Date: Tue, 28 Oct 2008 09:25:51 -0500
On Tuesday 28 October 2008, Giorgio Casali wrote:
The addressess I've used for a XP SP2 ITA that don't work are: 0x596bf727 ---> Ret 0x596c16e2 --> Disable NX address
I was hoping acgenral.dll would not be localized, but seems to be the case. If those addresses are not working, there may be something else different, but the only way to check is to attach a debugger and look. If you have the time, download and install WinDbg, attach to the svchost process that includes the Browser and Event services (expand the + to see the full command line/service list for each process), continue (F5), launch the exploit, and then send me whatever exception it throws (including the register state, eip, etc). Thanks! -HD
Current thread:
- MS08-067 added to SVN trunk (3.2-testing), (continued)
- MS08-067 added to SVN trunk (3.2-testing) H D Moore (Nov 01)
- MS08-067 added to SVN trunk (3.2-testing) base64 (Nov 01)
- MS08-067 added to SVN trunk (3.2-testing) base64 (Nov 01)
- MS08-067 added to SVN trunk (3.2-testing) Vlatko Kosturjak (Nov 03)
- MS08-067 added to SVN trunk (3.2-testing) Giorgio Casali (Nov 04)
- MS08-067 added to SVN trunk (3.2-testing) Valter Santos (Nov 04)
- MS08-067 added to SVN trunk (3.2-testing) metamaillist (Oct 29)
- courtesyshell Wright, Gareth (Oct 30)
- courtesyshell H D Moore (Oct 30)
- Message not available
- courtesyshell H D Moore (Oct 30)
- MS08-067 added to SVN trunk (3.2-testing) H D Moore (Oct 28)
- MS08-067 added to SVN trunk (3.2-testing) Ulises2k (Oct 31)
- MS08-067 added to SVN trunk (3.2-testing) Ulises2k (Oct 31)
- MS08-067 added to SVN trunk (3.2-testing) think.pink at gmx.de (Oct 31)
- MS08-067 added to SVN trunk (3.2-testing) Ramon de Carvalho Valle (Oct 31)
- MS08-067 added to SVN trunk (3.2-testing) Valter Santos (Nov 01)