-==PVDasm Long Name Debug Vulnerability==-

From: HaCkZaTaN (hck_zatan_at_hotmail.com)
Date: 03/20/05

    Date: 20 Mar 2005 05:44:03 -0000
    To: bugtraq@securityfocus.com

    /*
    --------------------------------------------------------
    [N]eo [S]ecurity [T]eam [NST]® - Advisory #10 - 19/03/05
    --------------------------------------------------------
    Program: PVDasm
    Homepage: http://pvdasm.reverse-engineering.net/
    Vulnerable Versions: v1.6b & lower
    Risk: Medium!!
    Impact: Long Name Debug Vulnerability

       -==PVDasm Long Name Debug Vulnerability==-
    ---------------------------------------------------------

    - Description
    ---------------------------------------------------------
    Proview (a.k.a. PVDasm) is an interactive, multi-CPU (x86/Chip8) disassembler.
    The disassembler engine has been coded by (Ben) and it's free for public usage.
    Proview (PVDasm) is my attempt to make a disassembler as a part of a school final
    project and for basic knowledge & fun!
    PVDasm is fully coded in C (IDE: MS-VC++ 6.0), with a bit of C++ classes and STL
    templates for internal memory management.

    - Tested
    ---------------------------------------------------------
    Windows XP non-SP

    - Exploitation
    ---------------------------------------------------------
    If PVDasm loads a file whose name has more than 100 characters it will
    crash. This can be used for anti-debugging techniques.

    - Exploit
    ---------------------------------------------------------
    Pick any *.exe and rename it to more than 100 characters or letters,
    and PVDasm will crash.

    - Solutions
    --------------------------------------------------------
    Not Yet xD

    - References
    --------------------------------------------------------
    http://neosecurityteam.net/Advisories/Advisory-10.txt

    - Credits
    -------------------------------------------------
    Discovered by HaCkZaTaN <hck_zatan@hotmail.com>

    [N]eo [S]ecurity [T]eam [NST]® - http://neosecurityteam.net/

    Got Questions? http://neosecurityteam.net/

    Irc.InfoGroup.cl #neosecurityteam

    - Greets
    --------------------------------------------------------
               Paisterist
               T0wn3r
               LINUX
               Heap
               Nitrous
               CrashCool
               eL_mEsIaS
               Makoki
               KingMetal

               And my Colombian people

            @@@@'''@@@@'@@@@@@@@@'@@@@@@@@@@@
            '@@@@@''@@'@@@''''''''@@''@@@''@@
            '@@'@@@@@@''@@@@@@@@@'''''@@@
            '@@'''@@@@'''''''''@@@''''@@@
            @@@@''''@@'@@@@@@@@@@''''@@@@@
    */
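The advisory does not say why the crash occurs. The added example below (not PVDasm's code) assumes the usual cause of such a crash, a fixed-size name field filled without a length check, and shows a loader that measures the name within a bound and rejects over-long names instead of crashing; `NAME_LIMIT`, `struct loader` and the function names are assumptions chosen for the illustration.

```c
#include <string.h>

#define NAME_LIMIT 100   /* assumed limit; the advisory reports crashes above 100 chars */

/* Hypothetical loader state with a fixed-size name field (not PVDasm's). */
struct loader {
    char name[NAME_LIMIT + 1];   /* +1 for the terminating NUL */
    int  loaded;
};

enum load_result { LOAD_OK = 0, LOAD_NAME_TOO_LONG = -1, LOAD_BAD_ARG = -2 };

/* Scan at most limit+1 bytes, so a huge or unterminated input can never
 * send strlen() running past the end of whatever buffer holds it. */
static size_t bounded_len(const char *s, size_t limit)
{
    size_t n = 0;
    while (n <= limit && s[n] != '\0')
        n++;
    return n;
}

/* Hardened path: measure first, reject names over the limit, then copy
 * exactly n bytes and terminate. The crash this avoids is what a
 * long-named binary could otherwise use as an anti-debugging trick. */
int load_checked(struct loader *l, const char *path)
{
    if (l == NULL || path == NULL) return LOAD_BAD_ARG;
    size_t n = bounded_len(path, NAME_LIMIT);
    if (n > NAME_LIMIT) {
        l->loaded = 0;
        return LOAD_NAME_TOO_LONG;
    }
    memcpy(l->name, path, n);
    l->name[n] = '\0';
    l->loaded = 1;
    return LOAD_OK;
}

/* Regression check: build a constructed name of 'len' characters in memory
 * (no real file needed) and report whether the loader accepts it. */
int accepts_name_of_length(size_t len)
{
    char buf[512];
    struct loader l;
    if (len >= sizeof buf) return 0;
    memset(buf, 'A', len);
    buf[len] = '\0';
    return load_checked(&l, buf) == LOAD_OK;
}
```

Running `accepts_name_of_length` at 100 and 101 characters is the regression test a maintainer would keep for this report: the first is accepted, the second is rejected cleanly.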
