Re: PocketPC exploitation

From: Nicolas RUFF (nicolas.ruff_at_gmail.com)
Date: 09/19/05

  • Next message: Jose Morales: "PocketPC exploitation"
    Date: Mon, 19 Sep 2005 17:47:14 +0200
    To: "Vuln-Dev@Securityfocus. Com" <vuln-dev@securityfocus.com>
    
    

    > i would like to know if some of you have experience with exploitation of
    > PocketPCs and could give me some ways and tools (debugger...).
    > since some vulns come ( http://www.securityfocus.com/bid/13807 )
    > I know that writing a DLL (Fuser) is quite easy with eVC++ (Embedded),
    > so a "download and execute"-like shellcode could be amazing...

    Pointers to begin with :

    - Microsoft Embedded Visual C++, with on-target debugging :
    http://www.microsoft.com/downloads/details.aspx?FamilyID=1dacdb3d-50d1-41b2-a107-fa75ae960856&displaylang=en

    - Phrack #63 "Hacking Windows CE"
    http://www.phrack.org/phrack/63/p63-0x06_Hacking_WindowsCE.txt

    - And the upcoming IDA Pro 4.9 with Windows CE on-target debugging :
    http://www.datarescue.com/idabase/wince/index.htm

    Regards,
    - Nicolas RUFF
    Security researcher @ EADS-CCR


  • Next message: Jose Morales: "PocketPC exploitation"