Message-ID: <43BA7BC5.2090307@heapoverflow.com>
Date: Tue Jan  3 13:28:01 2006
From: ad at heapoverflow.com (ad@...poverflow.com)
Subject: Win32 Heap Exploits

Or this is because the bug he's working on has already been discovered
& patched by an exception throwing control to a handler. For
example, you will notice exactly the same thing with the WINS bug
discovered by n.waisman: if you try to exploit it now on a
patched MS box within ollydbg, you will be able to congratulate
yourself because the debugger is able to handle the exception apart
from the program, but without it, of course, it's not possible;
wins.exe throws us to another point. So anyway, I bet the bug you are
working on has already been discovered and patched.


Nicolas RUFF wrote:
>> But if I execute the server without ollydbg, nothing happens.
>>  Does anybody have an idea what I am doing wrong? Tested on a WinXP SP1
>> system.
>
> As pointed out multiple times, Windows heap is not the same whether
> the program is flagged as "being debugged" or not.
>
> You should always *attach* the debugger to the process and not run
> the process from within the debugger.
>
> Regards, - Nicolas RUFF
