Open Source and information security mailing list archives
 
Message-ID: <CADYtyvLFx_rPVAHLUnF4MwQEKAkKk1T-5-W5aOz+q7fzC76rpg@mail.gmail.com>
Date: Thu, 17 May 2012 12:35:55 -0400
From: Григорий Братислава <musntlive@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Vulnerability in is Dopewars

Hello Full-Disclosure!! !! !!

Is like to warn you about is vulnerability in Dopewars. I'm is
discover vulnerability perhaps 10 years ago but is posting now.

Is problem exist when carry more than is 50 cocaines and is Officer
Hardass (pitifully armed) is kill 2 of is your bitches. Is when this
happen player is obviously targeted!

Is exploit will happen only when player is in is Brooklyn (not Queens)
and is has identity given to Officer Hardass!

Proof exist in code:

8056370:       85 c0                   test   %eax,%eax
8056372:       7f dc                   jg     8056350 <gtk_clist_select_row@...+0x7da0>
8056374:       eb b9                   jmp    805632f <gtk_clist_select_row@...+0x7d7f>
8056376:       8d 76 00                lea    0x0(%esi),%esi
8056379:       8d bc 27 00 00 00 00    lea    0x0(%edi),%edi
8056380:       55                      push   %ebp
8056381:       89 e5                   mov    %esp,%ebp
8056383:       53                      push   %ebx
8056384:       83 ec 14                sub    $0x14,%esp
8056387:       8b 5d 0c                mov    0xc(%ebp),%ebx
805638a:       c7 44 24 04 00 00 00    movl   $0x46256595(%eip) // <------ Is hardcoded proof

perl -e 'printf "Barrett your is bed is ready @ " . "0x" . "%02x"x4."\n",70,37,101,149'

Is MusntLive not contact Dopewars developer this year but next when is
I release new advisory!

(NO IS HAMSTER IS HURT DURING IS MAKING OF IS POST AND IS NO
LUMBERJACKS IS HARMED ISEVER SEKTIEWHOARE IS EXPOSED)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
