
Format string and other vulnerabilities on Win32

From: Andrew Thomas <andrewt(at)nmh.co.za>
Date: Fri Dec 20 2002 - 04:04:18 EST


Hi,

I'm wondering if anyone has discovered and successfully exploited any format string vulnerabilities on Win32?

I've played around with code in a DJGPP environment, and broken the code, but not been able to dedicate the time and effort to figuring out exactly what I was getting out/in, and *where*.

Also, to find vulnerabilities in win32, Halvar Flake discussed using IDA Pro with scripts to search for badly formed function calls. Has anyone used scripts to do blackbox analysis on major products?

Lastly, considering that MS VC++ designed products use a standard library, would it not be possible to investigate closed source applications and find e.g. strcpy calls by setting breakpoints with SoftIce or some other debugger?

Regards,
  Andrew Thomas.

Received on Fri Dec 20 17:43:53 2002
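As an added illustration, not part of Andrew's post and not code from any product he mentions, the following portable C shows the defect class he is asking about in its smallest form: untrusted text passed as the format argument, next to the corrected call and a small audit check. The function names (`log_line_unsafe`, `log_line_safe`, `count_conversions`, `renderings_differ`) and the sample strings are assumptions made for the example. The same bug pattern exists in the MSVC C runtime, since `printf`/`sprintf` there honour the same `%` conversions; on both GCC and MSVC the unsafe call is the kind of non-literal format that `-Wformat-security` (GCC) flags, which is the cheapest detection available when source is at hand.

```c
#include <stdio.h>
#include <string.h>

#define LINE_MAX_LEN 128

/* The bug: untrusted text is used as the format string itself.
 * Whatever conversions the text contains ("%x", "%s", "%n", ...) are
 * interpreted by the CRT, so the caller no longer controls what is
 * read from or written to the stack. Hypothetical function name. */
static int log_line_unsafe(char *out, size_t n, const char *user_text)
{
    return snprintf(out, n, user_text);
}

/* The fix: a constant format, with the untrusted text only ever
 * supplied as an argument. Hypothetical function name. */
static int log_line_safe(char *out, size_t n, const char *user_text)
{
    return snprintf(out, n, "%s", user_text);
}

/* Audit helper: count conversion specifiers in a string (a "%%" pair
 * is an escaped percent sign, not a conversion). Any count above zero
 * in data that reaches a format argument is worth a closer look. */
static int count_conversions(const char *s)
{
    int count = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* "%%" renders as a literal '%' */
            s++;
            continue;
        }
        count++;
    }
    return count;
}

/* Returns 1 if the unsafe and safe renderings of user_text differ.
 * Only well-defined inputs (no real conversions) should be passed here;
 * the point is that even a harmless "%%" already changes the output. */
static int renderings_differ(const char *user_text)
{
    char a[LINE_MAX_LEN], b[LINE_MAX_LEN];
    log_line_unsafe(a, sizeof a, user_text);
    log_line_safe(b, sizeof b, user_text);
    return strcmp(a, b) != 0;
}

int main(void)
{
    /* Constructed sample inputs for the demonstration. */
    const char *samples[] = { "hello", "100%% done", "%x%x%x" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("\"%s\": %d conversion(s)\n",
               samples[i], count_conversions(samples[i]));
    printf("\"100%%%% done\" renders differently: %d\n",
           renderings_differ("100%% done"));
    return 0;
}
```

The audit helper is the static-analysis half of what the post describes: when reviewing source, any call where the format argument is not a string literal is the thing to find, and `count_conversions` applied to data that reaches such a call tells you whether that input could steer the CRT.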

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:37 EDT

