[Full-Disclosure] Compressed files overflow

From: Miguel Tarascó Acuña (tarako_at_gmail.com)
Date: 11/18/04

  • Next message: Martin Pitt: "[Full-Disclosure] [USN-30-1] Linux kernel vulnerabilities"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 18 Nov 2004 23:54:10 +0100
    
    
    

    Microsoft Windows Vulnerability in Compressed (zipped) Folders (MS04-034)

    Attached is a PoC of this vulnerability.

    How to get new offsets:
      1) attach a debugger (i.e. OllyDbg) to explorer.exe
      2) open the zip file as a folder and add or move some files to it
      3) search the explorer.exe memory for the shellcode and get the addresses

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


