Penetration Testing mailing list archives
RE: Windows NT shellcode needed
From: "Aleksander P. Czarnowski" <alekc () avet com pl>
Date: Sat, 23 Jul 2005 00:23:12 +0200
You can check the classic publication: Exploiting Windows NT 4.0 Buffer Overruns (A Case Study: RASMAN.EXE) http://www.ngssoftware.com/papers/ntbufferoverflow.html A lot of good tips on this topic can be also found in Shellcoder's handbook if you need introduction to more advance topics on this platform. Also take a look at kungfoo project and MetaSploit for universal shellcodes. Remember that you don't call Win32 API with syscall (int 80h) like in Linux but you need to have correct address to issue call instruction. Just my 2 cents Best Regards, Aleksander Czarnowski AVET INS
-----Original Message----- From: Mike Klingler [mailto:mike () securitymetrics com] Sent: Friday, July 22, 2005 5:02 AM To: pen-test () securityfocus com Subject: Windows NT shellcode needed -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 I have found a more remote version of apache 1.3.4 win32 on a NT system. It appears vulnerable, but I am having the hardest time locating shell code for use against this system. What are some good resources for creating shell code on windows NT 4.0 systems? I have done trivial buffer overflows in C on Linux, but don't know how to make the jump to windows very well. Any thoughts out there? Thanks. Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC4GHAQzWqtbsEFfgRA+tOAJ9Ky3YSM1DlrffeLkaiYg71S6HQtACgtZ/X bCa1mYwOa8wNT91l1x45KzM= =DAnz -----END PGP SIGNATURE-----
Current thread:
- Windows NT shellcode needed Mike Klingler (Jul 22)
- RE: Windows NT shellcode needed Aleksander P. Czarnowski (Jul 22)
- Re: Windows NT shellcode needed matt (Jul 23)
- <Possible follow-ups>
- Re: Windows NT shellcode needed mike king (Jul 22)
- RE: Windows NT shellcode needed Aleksander P. Czarnowski (Jul 22)