|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] rootkit.com article
From: Dave Aitel (dave
immunitysec.com)
Date: Wed Jan 28 2004 - 13:03:16 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Does an off-by-one work? Windows is almost always exploitable that way.
- -dave
wirepair wrote:
| That is definitly a slick technique, too bad it doesn't have
| anything about the format of the string being oddly changed to
| unicode, but not containing the 00's. Problem I'm running into
| right now, kinda hard to overwrite anything useful (seeing as how
| handlers/exception filters are > 7f). -wire
|
| On Tue, 27 Jan 2004 18:29:41 -0500 Dave Aitel
| <daveimmunitysec.com> wrote:
|
|> I think its cool how greg hoglund documented some part of canvas
|> that I never did. :>
|>
|> http://www.rootkit.com/newsread.php?newsid=45
|>
|> -dave _______________________________________________ Dailydave
|> mailing list Dailydavelists.immunitysec.com
|> http://www.immunitysec.com/mailman/listinfo/dailydave
|
|
| -- Visit Things From Another World for the best comics, movies,
| toys, collectibles and more. http://www.tfaw.com/?qt=wmf
| _______________________________________________ Dailydave mailing
| list Dailydavelists.immunitysec.com
| http://www.immunitysec.com/mailman/listinfo/dailydave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAGAd0zOrqAtg8JS8RAuBhAJ94EuVBcxT4VJIIylKOf9/piPVp7wCfRaRF
dP5+gDNoE4jAXVVsjNcIy9Q=
=BHlA
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]