Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Shattering By Example

From: "Brett Moore" <brett.moore () security-assessment com>
Date: Fri, 10 Oct 2003 15:15:59 +1300
A new white paper on shatter attcks has been released and is available 
from our website;

www.security-assessment.com/Papers/Shattering_By_Example-V1_03102003.pdf 

This white paper includes information from both shatterseh2.txt and
shatterseh3.txt.

It also includes a shatter attack exploit against statusbars that uses
the following messages;
* WM_SETTEXT
* SB_SETTEXT
* SB_GETTEXTLENGTH
* SB_SETPARTS
* SB_GETPARTS

and demonstrates the following techniques.
* brute forcing a useable heap address
* placing structure information inside a process
* injecting shellcode to known location
* overwriting 4 bytes of a critical memory address

Any feedback or followup to this is most welcome,

Regards

Brett Moore
Network Intrusion Specialist
www.security-assessment.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: