Re: development of wordpad exploit

[dullien () GMX DE (Thomas Dullien)]

On Fri, 19 Nov 1999 11:11:58 -0500, Larry W. Cashdollar wrote:

> > I light of the latest windows vulnerability in wordpad, it would be great if
> > in this forum we could develop an exploit for it.  As of now details of the
> > vulnerability are on the net, however no exploit exists yet.  This would be an
> > excellent opportunity for all of us who don't really know how to code exploits
> > (yet) to see all the details of developing one.  Anyone else like this idea?!?

> I would like to actually, I understand what a buffer overflow is how they work
> and why they work.  But I have never coded one.  I know C and have dabbled in
> assembly but am just shy of what I need to code my own exploit.  I have read
> _every_ buffer-overflow paper out there and even worked on my own shell code.
> (nah I didnt get it to work, probably messed up and address calulation).  I
> personally think this would be the perfect forum for such a project.

Well, if there is interest for something like this, I will gladly help when it comes
to coding a shellcode in Win32. Any more information about that wordpad thingie ?

Thomas Dullien
dullien () gmx de
Win32 Security Consultant ;-> Hire me !