Message-ID: <20050510212149.72808.qmail@web60914.mail.yahoo.com>
Date: Tue May 10 22:21:58 2005
From: d4yj4y at yahoo.com (Day Jay)
Subject: PWCK Overflow POC Code Redhat/Suse older versions or something (maybe later too)
I'm sorry for being such a bastard. After looking more
into this guy's site, it looks pretty sweet.
d.
--- Day Jay <d4yj4y@...oo.com> wrote:
> Jesus H. Christ!
> 
> I never "claimed" to be a master at c coding or being the greatest
> like this guy did and he *still* hardcoded his shit and he's probably
> still mad.
> 
> My code was short and sweet and worked, and it just demonstrated the
> bug. I never claimed to be a master c-coder. In fact, I never
> claim/ed to know how to code at all and people keep insisting I'm so
> good. :p
> 
> Everyone so far has gone off topic about the original message which
> was the POC code about the PWCK program that was flawed and then
> everyone decided to go dick waving for NO REASON. Maybe it's because
> you guys aren't getting laid or your anal adventures have had some
> downtime, who knows. So, my code works, and if people want to claim
> to be so good, go ahead-show us something though and stop talking and
> thinking you are so good.
> 
> 
> d.
> "Whitehats have the tendency to be scared/unable to apply black arts
> and instead clasp their theories and what ifs still never knowing
> what it was like to hack"
> 
> 
> --- Valdis.Kletnieks@...edu wrote:
> 
> > On Mon, 09 May 2005 10:09:59 PDT, Day Jay said:
> > > We all saw how short the code was I had for that pwck buffer
> > > overflow exploit. He also hardcodes the stack pointer, hahah.
> > 
> > Note that there's absolutely nothing wrong with hardcoding the
> > stack pointer when the ABI makes it impossible for it to have
> > any other value.  And if you actually knew C well enough to read
> > the code, you'd see:
> > 
> > /*------------------------------------------------------------------------
> >  * "Addr" is the predicted address where the shellcode starts in the
> >  * environment buffer. This was determined empirically based on a test
> >  * program that ran similarly, and it ought to be fairly consistent.
> >  * This can be changed with the "-a" parameter.
> >  */
> > static long	addr = 0x7ffffc04;
> > 
> > So there's a default value, and a documented -a switch to change it
> > if needed.
> > 
> > Compare and contrast this with:
> > 
> >   offset = 1700; //the offset I first found worked
> > 
> > Who's doing the hardcoding here? Steve or the guy whose code you
> > ripped off?
> > 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
		
 
