[Full-disclosure] windows vulnerability? [was: Re: [Code-Crunchers] 137 bytes]
- From: Gadi Evron <ge@xxxxxxxxxxxx>
- Date: Wed, 8 Nov 2006 05:49:11 -0600 (CST)
On Wed, 8 Nov 2006, onisan wrote:
One thing in this makes it even more interesting: most of the firewalls
do not block this download, so it's the smallest and most dangerous downloader
at the same time :o
What Alex did is very impressive! Matthew Murphy came up with the idea
originally, I think, but it doesn't take away from this amazing work in any
way.
*awe struck*
I'd say more though, it's a vulnerability.
If you can load a library remotely, and do so with no problems, it's a
vulnerability in Windows. I am not sure of what kind quite yet.
The mother of all downloaders.
"The Zone has a new King!" <we're not worthy x3>
-- Jeff, Coupling (BBC, UK).
Gadi.
-- G
2006/11/8, Solar Eclipse <solareclipse@xxxxxxxxxxxx>:
On Tue, Nov 07, 2006 at 10:56:42AM -0800, Peter Ferrie wrote:
Why is the idata size present? AFAIK, no Windows version checks it.
Four bytes shorter, then (stop at the idata rva non-zero byte)?
You're right, you can remove the last field and bring the file size down
to 133 bytes. That's what I get for claiming that the size can't be
improved :-)
Solar
_______________________________________________
Code-Crunchers mailing list
Code-Crunchers@xxxxxxxxxxxxxxxxxxxxxx
http://whitestar.linuxbox.org/mailman/listinfo/code-crunchers
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/