[Full-Disclosure] Compressed files overflow
From: Miguel Tarascó Acuña (tarako_at_gmail.com)
Date: 11/18/04
To: full-disclosure@lists.netsys.com
Date: Thu, 18 Nov 2004 23:54:10 +0100
Microsoft Windows Vulnerability in Compressed (zipped) Folders (MS04-034)
Attached is a PoC of this vulnerability.
How to get new offsets:
1) Attach a debugger (i.e. OllyDbg) to explorer.exe
2) Open the zip file as a folder and add or move some files to it
3) Search the explorer.exe memory for the shellcode and get the addresses
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/octet-stream attachment: ZipMe_.cpp