|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Nice call to ebx found
From: Thierry Haven (thierry.haven
xmcopartners.com)
Date: Fri Feb 11 2005 - 03:55:41 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Nice one indeed... However this is not the case for Windows XP because
the code was recompiled and/or modified with the introduction of the
SP2. I guess you noticed it before I did, anyway ... ;)
Windows XP SP1 (French) - call 0x77BFD24C - msvcrt.dll
Windows XP SP2 (French) - call 0x77BFE89C - msvcrt.dll
_______________________________________
Thierry Haven - Xmco Partners
Security Consulting / Pentest
web : http://www.xmcopartners.com
class 101 wrote:
> During the build of an exploit , I have found with the help of Dwarf,
> a nice call to ebx for the win2k platforms,
> pro *_AND_* server, *_SP4's_* serie, *_ALL _*languages.
> This might help some people to point out this.
>
> 0x7801B008.msvcrt.dll
>
>
> -------------------------------------------------------------
> class101
> Jr. Researcher
> Hat-Squad.com
> -------------------------------------------------------------
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]