Vulnerability Development mailing list archives
Re: development of wordpad exploit
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Fri, 19 Nov 1999 19:45:28 -0800
Witold Chrabaszcz wrote:
This does indeed seem to have generated a lot of interest. I guess this is a good indication that at least some of us on this list, despite having a decent background in programming and a fair understanding of various security issues are in the dark as to how various bugs/oversights are exploited. This includes me as well.
Indeed. I think most of this is due to a widespread lack of expertise on how to do overflow exploits in Windows. I expect this to improve in the near future. I'm aware of a number of projects to help improve this, and of course I expect to use this forum for that as well. So, I expect we'll have a round or two of what a stack looks like, how to control various registers, where to jump in memory, etc.. Mostly in the context of Windows. In a year's time, this information will probably be considered to widely known to warrant going over it here, but I think it's a good fit now. Folks who are AGAINST discussing Windows overflow basics here because they'd be wildly bored hashing over something they already know, mail me privately. I'll use that as a sort of voting mechanism. As background info, folks should check out http://www.rootkit.com BB
Current thread:
- Re: development of wordpad exploit, (continued)
- Re: development of wordpad exploit Gerardo Richarte (Nov 19)
- Re: development of wordpad exploit Gerardo Richarte (Nov 19)
- Re: development of wordpad exploit Larry W. Cashdollar (Nov 19)
- Re: development of wordpad exploit Taneli Huuskonen (Nov 19)
- Re: development of wordpad exploit Jason Paulson (Nov 19)
- Re: development of wordpad exploit Riley, Steven (Nov 19)
- Re: development of wordpad exploit Thomas Dullien (Nov 19)
- Re: development of wordpad exploit Harlan Carvey (Nov 19)
- Re: development of wordpad exploit Vanna P. Rella (Nov 19)
- Re: development of wordpad exploit Witold Chrabaszcz (Nov 19)
- Re: development of wordpad exploit Blue Boar (Nov 19)
- Re: development of wordpad exploit Rodrick Brown (Nov 19)
- [Fwd: INZIDER!] Blue Boar (Nov 19)
- Re: development of wordpad exploit Seth R Arnold (Nov 20)
- Re: development of wordpad exploit Witold Chrabaszcz (Nov 19)
- Re: development of wordpad exploit Aubrey Smith (Nov 20)
- Re: development of wordpad exploit Thomas Dullien (Nov 20)
- Re: development of wordpad exploit Dave Harvill (Nov 20)
- Re: development of wordpad exploit Pauli Ojanpera (Nov 21)
- Re: development of wordpad exploit Thomas Dullien (Nov 22)