Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] Snort Back Orifice Preprocessor Exploit (Win32 targets)
From: Kira (trir00tgmail.com)
Date: Tue Nov 01 2005 - 04:32:04 CST
I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for
educational purpose only.
This exploit was tested on
- Snort 2.4.2 Binary + Windows XP Professional SP1
- Snort 2.4.2 Binary + Windows XP Professional SP2
- Snort 2.4.2 Binary + Windows Server 2003 SP1
- Snort 2.4.2 Binary + Windows Server 2000 SP0
- Snort 2.4.2 Bianry + Windows 2000 Professional SP0
Note 01: This exploit was written in form of MetaSploit module, so you need
metasploit to launch it.
Note 02: The exploit's quite reliable, but if it doesn't work on your
machine, try to find address of 'jmp esp' instruction and replace it to the
old return address.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- application/octet-stream attachment: snort_bo_overflow_win32.pm