Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Accessing IE/Netscape incomming data

From: tschroed () ACM ORG (Trevor Schroeder)
Date: Wed, 27 Oct 1999 00:14:51 -0500

On Tue, 26 Oct 1999, Alan Cox wrote:


You patch winsock.dll typically. You move the official one to owinsck.dll
and make your new winsock.dll reporcess all the calls then call the original.

Its mich like the LD_PRELOAD facilities in Unix systems


Only not.  LD_PRELOAD allows a user to selectively proload certain
libraries, however, it does not require them to shuffle around system
libraries to make way for the ones they want to load in.

I can't tell you how many times I've been burned (in a support role, not as
a user ;) by Windows apps that decide that they have The One True Library
and blithely overwrite a DLL with an older version (or a newer one) that
subsequently breaks a bunch of other apps.

It's a retarded scheme.
..........................................................................
: "I knew it was going to cost me my head and also my swivel chair, but  :
: I thought: What the hell--better men than I have risked their heads    :
: and their swivel chairs for truth and justice." -- James P. Cannon     :
:........... http://www.zweknu.org/ for PGP key and more ................:
Previous By Date Next
Previous By Thread Next

Current thread: