Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: RE: WMF round-up, updates and de-mystification
From: InfoSecBOFH <infosecbofh () gmail com>
Date: Thu, 5 Jan 2006 04:16:30 -0800

for what it is worth.  I am able to modify versions of the WMF exploit
and bypass products like that POS pvix crap as well as the current
available snort sigs...

On 1/4/06, Piotr Bania <bania.piotr () gmail com> wrote:
Hola,

Seems that almost everybody is really aware of WMFs vulnerabilities, due
to that fact I decided to test "WMF Remote Code Execution Exploit
(0day)" by H D Moore against my shellcode prevention system (Protty).

If someone is interrested here is the video file:
http://www.piotrbania.com/all/protty_vs_wmf_exploit.avi

(Ah, btw. it was tested on my old machine with some really slow CPU
model so forgive me the video lags...)


best regards,
Piotr Bania

--
--------------------------------------------------------------------
Piotr Bania - <bania.piotr () gmail com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

              - "The more I learn about men, the more I love dogs."
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault