Vulnerability Development mailing list archives

Re: development of wordpad exploit


From: steven.riley () WCOM CO UK (Riley, Steven)
Date: Fri, 19 Nov 1999 17:08:05 -0000


I'm in a similar position. I'm new to this concept. I'm trying to figure out
how you get a buffer overrun to execute code. How would code be inserted?
What signs would I look for to identify if code could be inserted?

The Riched20.dll has references to the ADVAPI32.DLL, USER32.DLL,
KERNEL32.DLL etc. Would it be possible to use this overflow to pass
commands to these DLLs?

How would you write the command string... I've got a lot to learn :-(  Time to
buy the 'Dummies guide to buffer overflows'.

Steve

-----Original Message-----
From: Marlon Jabbur [mailto:mjabbur () UOL COM BR]
Sent: 19 November 1999 16:19
To: VULN-DEV () SECURITYFOCUS COM
Subject: RES: development of wordpad exploit

I would like to help with this. I'm new to buffer overflows, and very interested
in learning.

Would be nice.

j4bbur

-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM] On behalf of
hypoclear - lUSt - (Linux Users Strike Today)
Sent: Friday, November 19, 1999 5:42 AM
To: VULN-DEV () SECURITYFOCUS COM
Subject: development of wordpad exploit

In light of the latest Windows vulnerability in WordPad, it would be great if
in this forum we could develop an exploit for it.  As of now details of the
vulnerability are on the net, however no exploit exists yet.  This would be
an excellent opportunity for all of us who don't really know how to code
exploits (yet) to see all the details of developing one.  Anyone else like
this idea?!?

hypoclear
