Dirty exploiting 101

    • #6235

      So I was bored today, tinkering while on a conference call. (ADHD I tell you) I was messing around with Peach (fuzzer), ComRaider and WinDBG… Created a PoC demonstration of register control (ecx, ebc, eip) on Google Earth. Remember, the goal is to (dis)affect EIP in the long run, thereby obtaining control of EIP in some shape, form or fashion.

      http://www.infiltrated.net/pwningGoogleEarth/ (7min 30 or so seconds)

    • #38965

      You totally lost me during the demo  ::)

      But I get the main idea… I hope  ???

      I am wondering if I am not too old for this field.
      Maybe I will start going deeper in Cobit and I will become a consultant that will teach others to better organize/protect themselves  😛

      Anyway, you really impressed me.
      Unfortunately we are not in the same city, otherwise I would have bought you a lot of beer.

    • #38966

      Nice job, sil!  Gosh, you get to have so much fun!

      Wish I had time for tinkering, some days.  My days, this week, were spent fixing issues with a customer’s s390x (zSeries) guests, cuz they have issues with broken patching (security specific, and all,) and was busy diving through gdb and debugging.

      Gonna have to make time to experiment and see what you did, in more detail, next week or so, if I’m lucky enough…

    • #38967

      I was about to give you a hard time for not throwing in some of your custom mixes, but then *BAM*, right at 11 seconds 😉

      That’s cool stuff. It’s unfortunately over my head at the moment, but it’s great that you keep putting out stuff like this. I’ve just caught up on the articles you’ve put out over the past few months as well. Keep it up dude; it’s much appreciated!

    • #38968

      More context and description (probably audio) would make this a useful learning tool. Right now it just shows what happened, without explaining why it happened or why you want step X to happen.


Copyright ©2021 Caendra, Inc.
