Penetration Testing mailing list archives
can this overflow lead to exploitation?
From: pen-test <avaya.toons () gmail com>
Date: Tue, 10 Feb 2009 22:12:18 +0530
Hi all, Just need some help exploiting a doubtd buffer overflow, Well, the scenario is, i found a cute little app of my friend, vulnerable to overflow(?). But i can't say at this time whthr itz exploitable or not. Thatz why i need help, Ok, what you do when u doubt thrz a chance of exploitation, if an app get crashed, when given an arbitrary long URL/filename? In my case the app crashed with a MessageBox from the exception handler that the "app terminated unexpectdly" and giving a dmp, I just ran the mem dump thru VS 2005 and got "an Unhandled exception at 0x019f57b0 in app.exe: 0xC0000005:Access violation writing location 0xd357a29f." Seems a null pointer usage, but not sure. Hmmm, following me? Now pls help me analyse the case and if exploitable, how? Any online documentations, e-books ? Above all any experts in buff overflow exploitation? Thanks ahead, Tom
Current thread:
- can this overflow lead to exploitation? pen-test (Feb 10)
- Re: can this overflow lead to exploitation? shellcoder1 (Feb 11)
- Message not available
- Re: can this overflow lead to exploitation? pen-test (Feb 11)
- Re: can this overflow lead to exploitation? ArcSighter Elite (Feb 12)
- Re: can this overflow lead to exploitation? Sanjay R (Feb 18)
- Message not available
- Re: can this overflow lead to exploitation? shellcoder1 (Feb 11)