Help with this.

From: Agent Smith (shade_renderer_at_hotmail.com)
Date: 07/14/03

    To: vuln-dev@securityfocus.com
    Date: Mon, 14 Jul 2003 12:21:37 -0500
    
    

    I'm starting to do win32 exploits and shellcoding, but I hit a problem when
    a supposedly vulnerable program won't segfault when run on my machine.

    I wrote it in dev-cpp's IDE with the console mode template. When run on the
    command line on Windows 2000 Professional:

    [ the A's were on the commandline, email client put it below]

    C:\sources\vuln1
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                           [pretty sure it was sufficient]

    C:\sources\

    When finished running, there is nothing; no output, no errors, no pop-up
    boxes. Tried it as a regular user and as administrator.

    However, when run with the same arguments on Windows Millennium, a standard
    pop-up comes up stating that vuln1 has caused an error in <unknown> module
    and will be shut down. No detail button on the dialog though.

    vuln1.c
    --------------------------------------------
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>   /* needed for strcpy(); missing in the original listing */

    int main(int argc, char *argv[])
    {
        char buffer[30];  /* fixed-size stack buffer */

        if(argc > 1)
        {
            /* unbounded copy: argv[1] longer than 29 chars overflows buffer */
            strcpy(buffer, argv[1]);
        }

        return(0);
    }

    Maybe dev-cpp changes the way strcpy functions? Or win2k works way different
    than I expect? I've done exploits with Linux and BSD, and to my knowledge
    this should be the same. Any help would be greatly appreciated.

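For comparison with the unbounded strcpy() in vuln1.c above, here is an added example (not the poster's code) of the same program shape with a length-checked copy that refuses an oversized argv[1] instead of writing past the 30-byte buffer; bounded_copy and check_arg are hypothetical helper names.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 30   /* same capacity as buffer[30] in vuln1.c */

/*
 * bounded_copy: copy src into dst, which holds at most dst_cap bytes
 * including the terminator. Returns 0 on success, -1 (leaving dst as an
 * empty string) when src would not fit. Hypothetical helper, not from the post.
 */
int bounded_copy(char *dst, size_t dst_cap, const char *src)
{
    size_t len;

    if (dst == NULL || src == NULL || dst_cap == 0)
        return -1;

    len = strlen(src);
    if (len >= dst_cap) {          /* no room left for the '\0' */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);     /* copies the terminator as well */
    return 0;
}

/* Returns 0 if arg fits a BUF_SIZE stack buffer, -1 if it was rejected. */
int check_arg(const char *arg)
{
    char buffer[BUF_SIZE];
    return bounded_copy(buffer, sizeof buffer, arg);
}

/* Same shape as vuln1.c, but a too-long argument is rejected, not copied. */
int main(int argc, char *argv[])
{
    if (argc > 1 && check_arg(argv[1]) != 0) {
        fprintf(stderr, "argument too long (max %u chars)\n",
                (unsigned)(BUF_SIZE - 1));
        return 1;
    }
    return 0;
}
```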

