im back..ill start posting my proxys back again abit later.
jeeze its been a while
i miss this place.any of you guys got your hands on that Windows Source Code?
apparently its riddled with Comments and stuff...quite the laugh
anyway, recently (25th of Feb 2004) theres been a new exploit out.
A vulnerability has been reported in Windows XP, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to boundary errors (possibly in "shimgvw.dll") when processing Enhanced Metafiles (".emf"). The problem is that memory is allocated based on size information in the file's header.
This can be exploited to cause heap overflows by specifying a "Size" field, which is smaller (e.g. 1 byte) than the actual size of the file and header. The vulnerability will be triggered by either viewing a malicious file or by navigating to a directory, which contains a malicious file and displays it as a thumbnail.
Successful exploitation crashes "explorer.exe" but may reportedly also allow execution of arbitrary code.
NOTE: Windows Metafiles (".wmf") with malformed "Size" fields will also impact functionality somewhat by consuming 99% CPU resources.
any of you sweet coders out there can code us all one youll be the top man.
if anyones got links as well that would be pretty good too.
apparently this can be exploited Remotley... im not sure if they mean you can send it from another machine but i think it all comes down into the end where they have to open it.
either way its still going to be interesting.
i couldnt help think how devestated Microsoft would be if the entire Windows 2000 source code got leaked out. Can you imagine the horror?
something like DALNet would become a breeding ground for random windows victims. Anyway. if any of you got some exploits for this that would be totaly sweet...i know its still pretty new but yeah.
Biography
---------------
http://secunia.com/advisories/10968/
http://www.securityfocus.com/bid/9707
thanks guys
