|
Penetration Testing
mailing list archives
RE: Windows NT shellcode needed
From: "Aleksander P. Czarnowski" <alekc () avet com pl>
Date: Sat, 23 Jul 2005 00:23:12 +0200
You can check the classic publication:
Exploiting Windows NT 4.0 Buffer Overruns (A Case Study: RASMAN.EXE)
http://www.ngssoftware.com/papers/ntbufferoverflow.html
A lot of good tips on this topic can be also found in Shellcoder's handbook if you need introduction to more advance
topics on this platform. Also take a look at kungfoo project and MetaSploit for universal shellcodes.
Remember that you don't call Win32 API with syscall (int 80h) like in Linux but you need to have correct address to
issue call instruction.
Just my 2 cents
Best Regards,
Aleksander Czarnowski
AVET INS
-----Original Message-----
From: Mike Klingler [mailto:mike () securitymetrics com]
Sent: Friday, July 22, 2005 5:02 AM
To: pen-test () securityfocus com
Subject: Windows NT shellcode needed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
I have found a more remote version of apache 1.3.4 win32 on a NT system.
It appears vulnerable, but I am having the hardest time locating shell
code for use against this system.
What are some good resources for creating shell code on windows NT 4.0
systems? I have done trivial buffer overflows in C on Linux, but don't
know how to make the jump to windows very well. Any thoughts out there?
Thanks.
Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC4GHAQzWqtbsEFfgRA+tOAJ9Ky3YSM1DlrffeLkaiYg71S6HQtACgtZ/X
bCa1mYwOa8wNT91l1x45KzM=
=DAnz
-----END PGP SIGNATURE-----
 By Date 
By Thread
Current thread:
| 
Intro
