Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: sachin shinde (sachinshinde11gmail.com)
Date: Wed Mar 17 2010 - 09:20:07 CDT
There is classic buffer/Stack overflow in wordpad.exe testing on winxp
sp 2.(is it already known?)
on text console wordpad.exe takes argument as a filename and there it happens.
but writing shellcode for it is very hard,Because wordpad changes
uppercase chars to lower case chars. if anyone any idea about this
Though it looks like local vulnerability we can trigger it remotely
write shellcode because of too many bad characters( of course can show
you int 3 (0xcc)) but would like 2 show the full proof of concept
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/