by the security layer that sits
> between GetProcAddress and the rest of the virtual world.
Who's an authorized caller?
Someone who has a "safe" caller address on the stack
If a the attacker start's offering instructions to your CPU... kiss your ass
goodbye.
Research AV/VX trends from the late 80's and early 90's.
-R
Riley Hassell
Security Research Associate
eEye Digital Security
[DOW]
FD2DA7 jmp eax
strcpy(buffer,"\xa7\x2d\xfd\x7f");
}
-R
Also remember to rebase dll data sections. There's a load config table in
the section...
Riley Hassell
Security Research Associate
eEye Digital Security
> -Original Message-
> From: David L
Hah, interesting, if nobody knew already, looks like it affects Win2k's
telnet server also.
Riley Hassell
Network Penetration Specialist
eEye Digital Security
Get up...
and light the world on fire.
- Original Message -
From: "info" <[EMAIL PROTECTED]>
To: <
ks.
...kinda like stopping people with funny T-shirts coming through customs...
Riley Hassell
Vulnerability Developer
eEye Digital Security
Get up...
and light the world on fire.