Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Subject: Re: remote exploit
From: Bluefish (11aGMX.NET)
Date: Sun Jul 09 2000 - 12:37:22 CDT
- Next message: Gerardo Richarte: "Re: Default passwords using Cisco ConfigMaker"
- Previous message: Steve Mosher: "Re: BitchX /ignore bug"
- Next in thread: Gerardo Richarte: "Re: remote exploit"
- Maybe reply: Bluefish: "Re: remote exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ah, *now* I get it ;) Sorry, no morning coffee ...
I thought he was within the shellcode and wanted to jump somewhere from
it. I suppose he could set return adress to another buffer if he can put
information somewhere with an adress which doesn´t contain a null (global
variable mayhap?)... Unless "all" addresses begins with 0x00, it ought to
be possible to exploit. But it could take a lot of work to locate where to
put it (nothing I have practicle experienced of, unfortunatly)
> Wouldn't work, since to be able to mov ax,A you have to be able to execute
> His problem is getting the right values on the stack to actually be able to
> I can't see any solution, except maybe returning into libc or whatever.