Vuln Dev
(Page 3 of 75)
HITBSecConf2007 Malaysia Videos Now Available 2007-12-06
Praburaajan (prabu hackinthebox org)
The videos from Hack In The Box Security Conference 2007 Malaysia are now
available for download! The files were created in Quicktime, however if
you're having trouble playing them on your platform, please ensure you
have the latest 3IVX codec installed.

Time to fire up your favorite Bit Torrent

Re: SEH and overwrite EIP 2007-12-01
opexoc gmail com
Maybe I have formulated this question badly. I mean that if we can overwrite the return address of the function properly (without access violation) then we can overwrite SEH properly (without access violation), and if we can overwrite SEH properly then we can overwrite the return address properly. So it

SEH and overwrite EIP 2007-11-30
opexoc gmail com (1 replies)

I have a simple question: assume that there is a buffer overflow vulnerability in some program, assume that I want to exploit it. Is there a big difference between overwriting SEH and EIP?


Re: SEH and overwrite EIP 2007-12-08
Savio (sena savio gmail com)
Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques 2007-11-13
MiKa mailinator org (1 replies)
Not quite sure what to think about this, is this a hoax?

No details are given, the captures of the "hack" show clearly a router command "gdb kernel" which (according to Cisco's IOS command lookup tool on doesn't exist and which my own IOS device doesn't recognize.

So let's not hype th

RE: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques 2007-11-13
Holtz,Robert (Robert Holtz edwardjones com)
Oracle 0-day to get SYSDBA access to the database 2007-11-12
pete petefinnigan com
Tanel Poder has found a way to get SYSDBA access to the Oracle database by utilising a user who has the BECOME USER system privilege, execute privileges on KUPP$PROC.CHANGE_USER and CREATE SESSION. He shows how a user with these privileges can become SYS (but not SYSDBA) and then use an immediate de

CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's 2007-11-09
Dragos Ruiu (dr kyx net)
I'd like to congratulate Adam Laurie for winning the second Powerbook
from the Pwn_to_Own contest as the prize for the best speaker rated
by the audience for his presentation on RFID at CanSecWest 2007.
We will have a similar prize for the best speaker at CanSecWest 2008,
prize TBD (but we promise i

Browser Heaps 2007-11-05
John Paterson (john9434 gmail com)
I've been experimenting with Browser heaps and have some questions. In
Internet Explorer I see two large heaps, one with the base at
0x00030000 and the other with the base at 0x00150000. From what I
understood, the heap at 0x00150000 is the process default heap and can
be manipulated by allocating an

Re: Re: understanding buffer overflows 2007-11-02
secacc7 hotmail com
thx.. this was a great example. yesterday i posted a reply with a different email address so i think it was not accepted.

i edited your example as follows (maybe it was a bit different, i'm now at work..)


#include <stdio.h>
#include <string.h>

int foo(char *a)
{
    char buffe

Re: Re: understanding buffer overflows 2007-11-01
ma rebeco at
thank you!

this was a great example but it didn't work on my debian machine. - but it worked better than mine.

i have edited your example as follows:


#include <stdio.h>
#include <string.h>

int foo (char *input)
{
    char buffer [10];
    strcpy(buffer, input);
    return (0);
}


Re: understanding buffer overflows 2007-11-01
adimitro gmail com
Try this.. it is in C but you shouldn't have problems rewriting it..

In your example you are overrunning the buffer but you might not be overwriting the EIP .. try a bigger buffer


Best Regards,



Overflow written for:

x86 Pentium 4

Linux version 2.6.5-7.104-defaul

understanding buffer overflows 2007-10-31
secacc7 hotmail com (3 replies)
hello, my name is Michael, I'm from Austria - so my English is very bad.

A few days ago i began to experiment with buffer overflows in Linux.

i wrote a little c++ program like this:

#include <string.h>

void main()
{
    char buffer[10];


Re: understanding buffer overflows 2007-11-05
Chris Eagle (cseagle redshift com)
Re: understanding buffer overflows 2007-11-03
Ben Petering (bjp dfmagicp org)
Re: understanding buffer overflows 2007-11-01
In Memoriam: Jun-ichiro Hagino 2007-10-30
Dragos Ruiu (dr kyx net)
With great sadness, I regret to inform you that Itojun
will not be presenting his great knowledge of IPv6 at
PacSec. I have been informed by several sources
that he passed away yesterday.

Funeral services will be held on Nov 7th at Rinkai-Saijo
in Tokyo. There aren't many details of his passing,

DeepSec 2007 Registration: hurry up, seats are filling fast 2007-10-30
Stefano Zanero (zanero elet polimi it)
Hello list members, and sorry if you receive multiple copies of this message

this is just a friendly reminder that registration for the DeepSec
Security Conference 2007 is available at the URL

The conference is taking place in less than 3 weeks in the awesome city
of V

Re: Help needed in TFTP32v1.3 BO 2007-10-19
wong yu liang (yuliang11 yahoo com)

Thanks Patrick,
looks like the script is in metasploit but it didn't
work on my win xp sp1. my issue is here that my
shellcode is 4 bytes off the ESP pointer. if anyone
could point me a method to directly align the
shellcode to ESP that would be great.


--- Patrick Webster <patrick@m

Cracking the iPhone (5 article series) 2007-10-22
H D Moore (sflist digitaloffense net)
The last part of my iPhone-related blog entries was posted last night. The
first article discusses the architecture and provides some useful
shellcode for already-modified phones.

The second article discusses the l

CFP for HITBSecConf2008 - Dubai now open 2007-10-23
Praburaajan (prabu hackinthebox org)
The CFP for HITBSecConf2008 - Dubai is now open.

Our 2008 event is expected to attract over 300 attendees from around the
EMEA region and will see keynote speakers Bruce Schneier (Founder and
CTO, BT Counterpane) and Jeremiah Grossman (Founder and CTO, White Hat
Security). The event is supported an

Help needed in TFTP32v1.3 BO 2007-10-17
wong yu liang (yuliang11 yahoo com)

hi all,
i'm new to bufferoverflow. i've gone thru some basic
examples in bufferover now i'm trying to write my own
exploit based on this software. basically i found this
perl script somewhere on the net. it takes 264 bytes
to overflow with 4 byte extra for the EIP.
i'm using call esp , #0x

IRM Demonstrates Multiple Cisco IOS Exploitation Techniques 2007-10-10
Andy Davis (andy davis irmplc com)
In August 2005 at Black Hat Las Vegas, Michael Lynn delivered his
infamous presentation entitled "Cisco IOS Shellcode and Exploitation
Techniques". For the first time ever, remote exploitation of Cisco IOS
was publicly demonstrated using shellcode that spawned a connect-back or
"reverse" shell. His

Black Hat Tokyo + DC and Europe CfPs now open. 2007-10-09
Jeff Moss (jmoss blackhat com)
We've finalized the speaker lineup for Black Hat Japan 2007, and we're looking forward to a great show. Attendees will be treated to a roster with more variety and depth than ever.
The schedule and speaker bios are available on-line at:

Oracle 11g password algorithm revealed 2007-09-22
pete petefinnigan com
Hi All,

I have been posting a few entries to my blog over the last few weeks on Oracle 11g Security and have been looking at the new SHA-1 password algorithm used in Oracle 11g.

The password algorithm is simple and very easy to guess once you realise that the sha1 verifier stored in the datab

ToorCon Final Lineup Announcement 2007-09-20
David Hulton (h1kari toorcon org)
Hey guys,

Just thought I'd shoot out a quick shameless plug for ToorCon and
mention that we've published our full speaker lineup and have
finalized our Seminars and Workshops schedule. We will be increasing
the registration prices on Sunday, September 23rd so if you're
interested in coming out, mak

Uninformed Journal Release Announcement: Volume 8 2007-09-18
Uninformed Staff (sflist digitaloffense net)
Uninformed is pleased to announce the release of its eighth volume. This
volume includes 6 articles on a variety of topics:

- Covert Communications: Real-time Steganography with RTP
Author: I)ruid

- Engineering in Reverse: PatchGuard Reloaded: A Brief Analysis of
PatchGuard Version 3

RE: Re[2]: [Full-disclosure] Next generation malware: Windows Vista's gadget API 2007-09-18
Ed Patterson (epatterson DirectApps com)
The lack of a defense vector doesn't translate magically to a new attack vector. The absence of common security mitigating controls is referred to as a vulnerability. Really all old attack vectors apply.

The secure design model for this type of application should be sandboxed by zone. The v

Copyright 2010, SecurityFocus