question regarding w3who.dll bug

From: Martin Bernhard (woas_nix@gmx.net)
Date: Fri Jan 14 2005 - 03:49:47 EST

• Next message: Nazareno Vicente Feito: "Re: DoS/DDoS Attack"
• Previous message: Vince Hoang: "Re: Discovering users by RCPT TO"
• Next in thread: H D Moore: "Re: question regarding w3who.dll bug"
• Reply: H D Moore: "Re: question regarding w3who.dll bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

As one of our clients is running some IIS web servers with w3who.dll on
them, I figured that this would be a good place to start our pen test.
Unfortunately, the exploit in the new release of the Metasploit Framework
did not work on the most important servers (Windows 2000). I have access to
a test system that gives me the opportunity to analyze the bug in detail,
but I can’t figure out what parts in memory are overwritten. Does anybody
know what exactly I have to do to trigger the bug and analyze it (I’m using
ollydbg)?

Any help is much appreciated

-- 
+++ Sparen Sie mit GMX DSL +++ http://www.gmx.net/de/go/dsl
AKTION für Wechsler: DSL-Tarife ab 3,99 EUR/Monat + Startguthaben

• Next message: Nazareno Vicente Feito: "Re: DoS/DDoS Attack"
• Previous message: Vince Hoang: "Re: Discovering users by RCPT TO"
• Next in thread: H D Moore: "Re: question regarding w3who.dll bug"
• Reply: H D Moore: "Re: question regarding w3who.dll bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:13 EDT