lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: mnv at alumni.princeton.edu (MN Vasquez)
Subject: New Security paper released

While I'm not a coder, I've always heard that it can be dirty work.  After
reading this paragraph in your paper:

" We've used just 10 numbers in this sequence, so our buffer was 1 for
alignment and the numbers 1 2 3 4 5 6 7 8 9 1 with shits between them,
so....as the number in eip was 2 (32323232) we just reached what we wanted
;)."

I now know why buffer overflow coding is not for me.  Maybe you reached what
you wanted, but umm, speak for yourself...

;-)



----- Original Message ----- 
From: "shadown" <shadown@...il.com>
To: <full-disclosure@...ts.netsys.com>; <bugtraq@...urityfocus.com>;
<vuln-dev@...urityfocus.com>
Sent: Monday, September 13, 2004 4:24 PM
Subject: [Full-Disclosure] New Security paper released


> Hi,
>
>   I've just released 'Win32 Stack BufferOverFlow Real Life Vuln-Dev
> Process' paper.
>   Which covers the hole process of vuln-dev, from discovering the bug
> till exploiting it.
>   You can download it from: http://hack3rs.org/~shadown/Twister/
>   I hope you'll enjoy it.
>   Cheers,
>      shadown
> -- 
> Sergio Alvarez
> Security, Research & Development
> IT Security Consultant
> email: shadown@...il.com
>
> This message is confidential. It may also contain information that is
> privileged or otherwise legally exempt from disclosure. If you have
> received it by mistake please let us know by e-mail immediately and
> delete it from your system; should also not copy the message nor
> disclose its contents to anyone. Many thanks.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ