Full Disclosure mailing list archives

Re: PWCK Overflow POC Code Redhat/Suse older versions or something (maybe later too)
From: Day Jay <d4yj4y () yahoo com>
Date: Mon, 9 May 2005 11:22:46 -0700 (PDT)

Jesus H. Christ!

I never "claimed" to be a master at C coding or being
the greatest like this guy did and he *still*
hardcoded his shit and he's probably still mad.

My code was short and sweet and worked, and it just
demonstrated the bug. I never claimed to be a master
C coder. In fact, I never claim/ed to know how to code
at all and people keep insisting I'm so good. :p

Everyone so far has gone off topic about the original
message which was the POC code about the PWCK program
that was flawed and then everyone decided to go dick
waving for NO REASON. Maybe it's because you guys
aren't getting laid or your anal adventures have had
some downtime, who knows. So, my code works, and if
people want to claim to be so good, go ahead, show us
something though and stop talking and thinking you are
so good.

"Whitehats have the tendency to be scared/unable to
apply black arts and instead clasp their theories and
what ifs still never knowing what it was like to hack"

--- Valdis.Kletnieks () vt edu wrote:

On Mon, 09 May 2005 10:09:59 PDT, Day Jay said:
We all saw how short the code was I had for that
buffer overflow exploit. He also hardcodes the
pointer, hahah.

Note that there's absolutely nothing wrong with hardcoding the
stack pointer when the ABI makes it impossible for it to have
any other value.  And if you actually knew C well enough to read
the code, you'd see:

/*
 * "Addr" is the predicted address where the shellcode starts in the
 * environment buffer. This was determined empirically based on a test
 * program that ran similarly, and it ought to be fairly consistent.
 * This can be changed with the "-a" parameter.
 */
static long   addr = 0x7ffffc04;

So there's a default value, and a documented -a
switch to change it if needed.

Compare and contrast this with:

  offset = 1700; //the offset I first found worked

Who's doing the hardcoding here? Steve or the guy
whose code you ripped off?

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
