forza
Jan 30 2005, 03:46 PM
In October 2004 it was discovered by MaxPatrol team that it is possible to defeat Microsoft® Windows® XP SP2 Heap protection and Data Execution Prevention mechanism. As a result it is possible to implement:
Arbitrary memory region write access (smaller or equal to 1016 bytes)
- Arbitrary code execution
- DEP bypass.
http://www.maxpatrol.com/ptmshorp.asp
Spiffypat
Jan 30 2005, 08:06 PM
Very interesting, anyone else check out the article?
Ariticle can be found here. With the code at the end of the article (changed it around a little bit) I succesfully exploited my friends machine. Thanks for the info.
uzzi
Feb 1 2005, 03:01 AM
anyone copiled the sorece???? i need it pls for testing on some computers...
tnx
Trackmaster
Feb 1 2005, 03:57 AM
spiffypat would you care to ellaborate with what u did to the code and how u exploited your friends machine.
Help appreciated.
whi7er
Feb 2 2005, 02:47 PM
uzzi please don't ask for compile requests, im sure all you need to do is get LCC or DEV-C++ - or a combination of both and play with them a little bit. anyway, if this is true WIndows 2003 Server family can also be exploited
jead99
Feb 2 2005, 05:21 PM
Indeed Windows Server 2003 can be exploited there are several papers on this.
Btw. here is a nice link on different "Exploit Mitigation Techniques":
http://laurens.netric.org/OpenBSD/papers/E...tionTechniques/
leviathan
Feb 6 2005, 12:29 PM
QUOTE(jead99 @ Feb 2 2005, 05:21 PM)
Btw. here is a nice link on different "Exploit Mitigation Techniques":
http://laurens.netric.org/OpenBSD/papers/E...tionTechniques/Interesting pictures/powerpoint (I guess), though it looks a bit weird at the beginning, somehow has the flair of that "DNS for dummies"-thing in the Open Topic
