Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Shell code -RVA techniques or something similar
From: "Gary O'leary-Steele" <garyo () sec-1 com>
Date: Thu, 26 Sep 2002 15:54:25 +0100
Hi,

I am looking for documentation/tutorial on writing shell code for Windows.
Specifically using RVA techniques or something similar to make my shell code
service pack independent.


The problem I am experiencing is that all the exploits I have written in the
past use fixed addresses within Kernel32.dll such as the offset for winexec
or loadlibrarya and getprocaddress. Therefore a variation in service pack
etc causes my exploit to fail.


Thanks in advance.


Kind Regards,

Gary

  By Date           By Thread  

Current thread:
  • Shell code -RVA techniques or something similar Gary O'leary-Steele (Sep 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]