lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Apr 20 22:54:09 2005 From: d4yj4y at yahoo.com (Day Jay) Subject: FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken) Dear DIk, You are thinking local buffer overflows with your "think: ret=(int *)&ret+2;(*ret)=(int)shellcode;" Wow, I think I read smashing the stick for fun and profit a long time ago, but this is a remote root exploit, it's alittle different!! Damn newbie! I mean, how lame are you? --- dk <dk@...rchitects.com> wrote: > Day Jay wrote: > > Sorry, the previous code was broken. > > Definitely `borken'... I didn't even see one > /etc/passwd file in here! > Less obvious calls may catch more habitual FD code > runners next time > dude. [think: ret=(int > *)&ret+2;(*ret)=(int)shellcode;] > > ;-) > > > -- > dk > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - > http://secunia.com/ > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Powered by blists - more mailing lists