Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]
2004-11-24 Brett Moore (brett moore security-assessment com)

========================================================================
= Winamp - Buffer Overflow In IN_CDDA.dll
=
= Affected Software:
= Winamp 5.05, 5.06
=
= Public disclosure on November 24, 2004
========================================================================

== Overview ==

Hat

SecureCRT - Remote Command Execution
2004-11-23 Brett Moore (brett moore security-assessment com)

========================================================================
= SecureCRT - Remote Command Execution
=
= Vendor Update:
= http://www.vandyke.com/download/securecrt/index.html
=
= Affected Software:
= SecureCRT V4.1, V4.0 (and probably lower)
=
= Public disclosure on November 23, 2

Problem exploiting a CGI overflow
2004-11-23 Víctor Henríquez (vhenriquez grancanaria com) (1 replies)

Hi, I'm new in this world. I discover several buffer overflow problems in some of our home-made apps. I try to exploit this but I have a rare problem.

--- Vuln Code (post2.c) ---
#include <stdio.h>
#include <string.h>

int main() {
    void split(char *line);
    char line1[500],line2[500];
    strcp

Winamp - Buffer Overflow In IN_CDDA.dll
2004-11-23 Brett Moore (brett moore security-assessment com)

========================================================================
= Winamp - Buffer Overflow In IN_CDDA.dll
=
= Vendor Update:
= http://www.winamp.com/player/
=
= Affected Software:
= Winamp 5.05 (only version tested)
=
= Public disclosure on November 23, 2004
========================

RE: Online Games Consoles and Security Implications
2004-11-19 Greg Blake (gvblake houston rr com)

Quick question, we just allowed our son to start online gaming with his X-Box. My wife is using an XP laptop through our home hardwire VPN and noticed a problem on her system in that Outlook has something running in background and won't allow for any type of shutdown. My 98win old AMD system o

600 Oracle default usernames/passwords available
2004-11-17 Pete Finnigan (plsql petefinnigan com)

Hi Everyone, I thought that people here might be interested in this new list of Oracle default usernames and passwords. I have just added a page to my site that lists 596 default Oracle users and their passwords. The list is available as HTML, CSV, SQL insert statements to load the data into a ta

New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops
2004-11-16 Berend-Jan Wever (skylined edup tudelft nl) (1 replies)

Hi all, This one got rejected by phrack and I couldn't be arsed to rewrite it so it would make the next edition: "Writing IA32 Restricted Instruction Set Shellcode Decoder Loops" by SkyLined ( http://www.edup.tudelft.nl/~bjwever/whitepaper_shellcode.html ) The article addresses the requirements fo

Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops
2004-11-17 Peter Willis (psyphreak phreaker net) (1 replies)

Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops
2004-11-18 Michael Vergoz (descript secureyourapache com) (1 replies)

Re: [Full-Disclosure] Re: New whitepaper: Writing IA32 Restricted Instruction Set Shellcode Decoder Loops
2004-11-18 Berend-Jan Wever (skylined edup tudelft nl)

[off topic] Book, articles and link recommendations
2004-11-15 Sergio (sergioy2004 yahoo com br)

Hi everyone, We would like recommendations of books, links and articles related to secure programming, that describe buffer/integer overflows, race conditions and other stuff regarding programming errors that can cause a vulnerability. Please send the suggestions directly to me. Thanks in advance

non-executable stacks
2004-11-14 Ghaith Nasrawi (libero aucegypt edu)

Hey folks, I'm sorry if this question was asked before in this mailing list, but I couldn't find useful information about it everywhere else. Currently, I'm working on Linux 2.6.9-1.667 under Fedora Core 3, and the way to trigger on/off the stack protection is by setting/unsetting "/proc/sys/kerne

Re: Buffer Overflow Help
2004-11-10 Marco Ivaldi (raptor 0xdeadbeef info) (1 replies)

> I am trying to learn how to write a basic stack buffer overflow on
> linux. The program that I am exploiting is:

Hey eip, I'm not sure what's happening here: have you changed something in the environment between the two vulnerable program executions? 0xbffff5b4 is far different from 0xbfffe43

Re: Buffer Overflow Help
2004-11-12 sin (sin nosec net) (1 replies)

Re: Buffer Overflow Help
2004-11-12 Steve Bonds (kzzvt3302 sneakemail com) (1 replies)

Re: Buffer Overflow Help
2004-11-11 Steve Bonds (kzzvt3302 sneakemail com)

On Wed Nov 10 2004 runixd wrote:
> Depending on your version, options may vary, but you should be able to
> disable stack randomization by setting
> /proc/sys/kernel/exec-shield-randomize to 0
> "echo 0 > /proc/sys/kernel/exec-shield-randomize"
> and you can disable exec shield in /proc/sys/kernel

TEB buffer+Return Into LIBC based string copy exploitation
2004-11-10 varun uppal (varunuppal linuxmail org) (1 replies)

Hi, I have put together some info on using the TEB (Thread Execution Block) Buffer and libc for exploiting NON-EXEC STACK Win32 environments. I haven't come across any major public exploit using this method nor much of information on the same. The shell coders handbook was of great help though. T

Re: TEB buffer+Return Into LIBC based string copy exploitation
2004-11-11 Paul Webster (ptwebster datasecuritysoftware com) (1 replies)

Re[2]: TEB buffer+Return Into LIBC based string copy exploitation
2004-11-13 3APA3A (3APA3A SECURITY NNOV RU) (1 replies)

Re: Re[2]: TEB buffer+Return Into LIBC based string copy exploitation
2004-11-14 Paul Webster (ptwebster datasecuritysoftware com) (1 replies)

Re: Re[2]: TEB buffer+Return Into LIBC based string copy exploitation
2004-11-15 Berend-Jan Wever (skylined edup tudelft nl)

RE: Buffer Overflow Help
2004-11-10 Carlos Carvalho (h4sh globo com)

Ok, let's go. I'm gonna describe the method that I use to find addresses and how to exploit them, I wrote the proper exploit for this vulnerable program in perl, I hope you understand (I don't code in C) Lets see some gdb :

(gdb) r `perl -e 'print "A"x268'`
The program being debugged has been starte

Buffer Overflow Help
2004-11-09 eip tampabay rr com (1 replies)

I am trying to learn how to write a basic stack buffer overflow on linux. The program that I am exploiting is:

void main (int argc, char **argv[]) {
    char buffer[256];
    if (argc <=1) {
        printf("You did not enter any data\n");
        exit (0);
> bytes of the shellcode change while it is running. Why?? How can I avoid
> this?
The problem here is that some bytes in the shellcode are converted into
0x20. Namely, 0x0b (execve syscall number) is converted into 0x20 (gtty