Open Source and information security mailing list archives
 
Message-ID: <004901c2a807$3ec46150$6a01a8c0@gfserver>
From: andrew at generator.co.za (Andrew Thomas)
Subject: Format string and other vulnerabilities on win32

Visit http://www.Generator.co.za for more information

Hi,

I'm wondering if anyone has discovered and successfully exploited any format
string vulnerabilities on Win32?

I've played around with code in a DJGPP environment, and broken the code, but not
been able to dedicate the time and effort to figuring out exactly what I was
getting out/in, and *where*.

Also, to find vulnerabilities in win32, Halvar Flake discussed using IDA Pro
with scripts to search for badly formed function calls. Has anyone used scripts
to do blackbox analysis on major products?

Lastly, considering that MS VC++ designed products use a standard library, would
it not be possible to investigate closed source applications and find e.g.
strcpy calls by setting breakpoints with SoftIce or some other debugger?

Regards,
  Andrew Thomas.

