lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <ca67aa9e0511010255j441dca54n1e1e0b4c40ca5548@mail.gmail.com>
Date: Tue Nov  1 10:55:10 2005
From: trir00t at gmail.com (Kira)
Subject: Snort Back Orifice Preprocessor Exploit (Win32
	targets)

Dear All

I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for
educational purpose only.
This exploit was tested on

- Snort 2.4.2 Binary + Windows XP Professional SP1
- Snort 2.4.2 Binary + Windows XP Professional SP2
- Snort 2.4.2 Binary + Windows Server 2003 SP1
- Snort 2.4.2 Binary + Windows Server 2000 SP0
- Snort 2.4.2 Bianry + Windows 2000 Professional SP0

Note 01: This exploit was written in form of MetaSploit module, so you need
metasploit to launch it.
Note 02: The exploit's quite reliable, but if it doesn't work on your
machine, try to find address of 'jmp esp' instruction and replace it to the
old return address.

Regards,

Kira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051101/c8f17fb4/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort_bo_overflow_win32.pm
Type: application/octet-stream
Size: 3507 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051101/c8f17fb4/snort_bo_overflow_win32.obj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ