I've got a problem... I want 2 try the rpc_wks_bo.c xploit on my home XP (SP1 German)...
I use findjmp user32.dll esp 2 get the offset...
The offsets in the original xploits are e.g.
{ "Window XP + SP1 + Rollup [Rus] ", 0x77f9980f }, // 0x77d637db(user32.dll)
My question is how the offset "0x77f9980f" is found, because the one which is uncommented (0x77d637db) nearly equals the ones of English / German user32.dll.. well, at least 0x77dxxxxx is the same.. but 0x77f is found in none of the registers.
Can some1 help me out pls? Would be nice if some1 could post the complete offsets of any Russian (Pro) XP... (user32.dll esp) with findjmp...
th@nx, Sky