iis50_printer_overflow

[dave.killion at gmail.com (Dave Killion)]

Sonixxfx,

While I don't have much to offer on exploit-writing in general, I do
remember when this issue came out, those many years ago.  The original
jill.c was the first 'kiddie-script-exploit' that I got working effectively
against remote targets.

Here's all the info I can remember about this issue - I don't know how much
it you already have:

http://www.microsoft.com/technet/security/bulletin/ms01-023.asp

http://archives.neohapsis.com/archives/bugtraq/2001-05/0006.html

http://www.securityfocus.com/bid/2674/discuss

http://www.cert.org/advisories/CA-2001-10.html

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2001-0241

Here's a link to the exploit C code I mentioned:

http://personal.telefonica.terra.es/web/alexb/e/jill.c

Maybe looking through it, despite your lack of C knowledge, will help some.
It really is compile-and-own script-kiddie-friendly code.

I hope these help...

--
Dave Killion, CISSP
Contributing Author, Configuring NetScreen Firewalls

On 3/3/06, Sonixxfx <sonixxfx at gmail.com> wrote:
> It seems to me it would be good to do additional reading on this subject.
> I have seen some intresting things under the links section on the Metasploit
> website. Please let me know about other material I should read, especially
> if it would be a good addtion to Vinnie Liu's Chapter.
>
> Thanks.
>
> Regards,
>
> Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060304/f0df0687/attachment.htm>