From: a b (p0pt4rtz hotmail.com)
Date: Sun May 12 2002 - 04:02:46 CDT

Hey all,
Found another noteworthy overflow. I don't know the potential capabilities of
this overflow. But what the hell, I'll send it in anyways :)
Here are the steps to replicate this problem.
1.) Open up MSDEV
2.) Load up a sample program. For this let's load C:\winnt\system32\net1.exe
3.) When it's loaded press Alt+F7.
4.) Go to the debug tab.
5.) In the arguments type "send localhost Ax3000" (Send a lot. Probably
around 3000 or so. I haven't narrowed the buffer down yet.)
6.) Click OK and execute the program by CTRL+F5.
7.) The net1.exe should heap overflow (just like how I found before).
8.) Exit net1.exe and then press F5 in MSDEV.
9.) Wait a couple seconds and then gape at its nice overflow.
For mine I send char 'x'. Just cause I like x: The instruction at
"0x73e2c22d" referenced memory at "0x78787878". The memory could not be
"read".
Nice isn't it?
I'll investigate it more after I am done investigating the heap overflow in
net.exe.
If you're interested in researching this feel free to. I'd just like credit
for finding it :)
Have fun,
p0p t4rtz
p0pt4rtz
hotmail.com
Netcrash Security Research
http://www.netcrash.wronger.com