hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
nmcog
Dec 10 2003, 01:40 AM
http://www.metasploit.com/opcode_search.html

I need to find the offset for WinNT SP6, which DLL do the RPC DCOM exploits use?

I know that the messenger exploit uses user32.dll and i can easily extract the offsets using Ollydbg

TIA
nmcog
Dec 10 2003, 08:08 PM
Nevermind, I found out myself.

Open svchost.exe in Ollydbg, ALT+E, open ntdll.dll, CTRL+F, search for CALL EBX
Done. smile.gif
yuliang11
Dec 11 2003, 01:31 AM
hey you guys have any links to learn exploit writting ?
Kynroxes
Dec 11 2003, 05:55 AM
w00w00 rulezzz !!!
u own man tks for this url !!
this is a super tight link !!
Hexboy
Dec 11 2003, 07:04 AM
Uhm...I'd figure most ISP's block common dcom related ports by now!
if you want a sweet ass exploit text,
Buffer overflows explained
covers heaps. but for ELF binaries, although the techniques are gold
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.