lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTinwE1MmCoirErSqQdf0xaPNyyfPUzz1bFfP5-QY@mail.gmail.com>
Date: Thu, 2 Sep 2010 11:03:01 +0200
From: Christian Sciberras <uuf6429@...il.com>
To: Darren McDonald <athena@...donald.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: DLL hijacking POC (failed, see for yourself)

Thanks Darren, that was very enlightening.
Considering those facts, where are we at in fixing this whole issue?

Cheers,
Chris.





On Thu, Sep 2, 2010 at 10:37 AM, Darren McDonald <athena@...donald.net>wrote:

> http://support.microsoft.com/kb/2264107
>
> On Thu, Sep 2, 2010 at 10:30 AM, Christian Sciberras <uuf6429@...il.com>
> wrote:
> > As I said above, it was tested on Windows 7 64bit.
> > As to the dll as far as I know, I'm not sure about that, however, it
> should
> > be an easy matter of checking the binary file.
> > Currently, I'm not on a terminal which I can do that, though.
> >
> > Cheers,
> > Chris.
> >
> >
> > 2010/9/2 YGN Ethical Hacker Group <lists@...g.net>
> >>
> >> Is your Windows 7 64-bit ?
> >> Your DLL is  64-bit compatible?
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ