mailing list archives
From: jms at bughunter.ca (J. M. Seitz)
Date: Tue, 20 Feb 2007 15:49:48 -0800
I am not sure if this is the list I should be posting to, but I am curious
(of course I may be a newb here as well). I have an overflow in an ActiveX
control, and have overwritten the return address to point to my NOP sled
followed by my shellcode. Now without the returnaddress+NOP+shellcode IE
crashes (0x90909090) and with it properly aligned IE continues to execute
correctly, but no calc.exe love comes up.
Are there any characters I should be filtering out on the shellcode
generator or any other gotchas I should be aware of when doing this type of
work? Any help would be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...