Vulnerability Development mailing list archives

static dll's for windows buffer overflows


From: Franklin DeMatto <franklin.lists () qDefense com>
Date: Mon, 24 Sep 2001 00:35:55 -0400

Windows buffer overflows almost always require knowledge of offsets in DLLs. Even if an RVA is used, usually one offset still has to be known, to jmp to where the code is (e.g., let's say the shellcode is pointed to by eax; we need to know the offset of somewhere to jmp eax). Which DLLs are the most static? For the jmp instruction, we can use any DLL, as long as it has those bytes (i.e., we are not limited to kernel, user, and gdi). Which DLLs are the best to use, and why?


(BTW, I would like to suggest that the term "buffer overflow" be replaced with the term "memory overwrite," as there are many forms besides buffer overflow, such as format string, malloc(0) mangling, etc.)


Franklin DeMatto
Senior Analyst, qDefense Penetration Testing
http://qDefense.com
qDefense: Making Security Accessible
