Vulnerability Development mailing list archives

Re: development of wordpad exploit


From: sarnold () WILLAMETTE EDU (Seth R Arnold)
Date: Sat, 20 Nov 1999 02:40:38 -0800


On Fri, Nov 19, 1999 at 10:29:36PM -0500, Witold Chrabaszcz wrote:
> This does indeed seem to have generated a lot of interest.  I guess this
> is a good indication that at least some of us on this list, despite having
> a decent background in programming and a fair understanding of various
> security issues, are in the dark as to how various bugs/oversights are
> exploited.  This includes me as well.

I would suggest a few places to begin reading; I can't say "it worked for
me" since I have never programmed an overflow exploit myself. However,
within the last week or so, someone posted onto bugtraq an explanation of how
to code exploits for the Alpha CPU. Of course, it won't help much directly,
but the flavor is there, and some of the information will work nicely.

I seem to recall some overflow exploiting being done by the guy that cracked
the hackpcweek.com linux box -- he wrote a very nice article detailing what
steps he took, though he might not have actually overflowed anything. Good
reading all the same.

Also, Aleph1 wrote a nice piece entitled "smashing the stack for fun and
profit" if I recall correctly... I think it appeared in a past issue of
phrack (53?) and is likely available in the library on securityfocus.com.

I hope these lowly pointers are enough to get some of you started. :)

--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!


