Re: Windows NT shellcode needed

From: matt (matt@learnsecurityonline.com)
Date: Sat Jul 23 2005 - 12:08:27 EDT


Hey there, I recommend you check the archive of Windows shellcode at
Metasploit, www.metasploit.com

Regards

Matt
Learn Security Online, Inc.

* Security Games * Simulators
* Challenge Servers * Courses
* Hacking Competitions * Hacklab Access

http://www.learnsecurityonline.com

Aleksander P. Czarnowski wrote:

>You can check the classic publication:
>Exploiting Windows NT 4.0 Buffer Overruns (A Case Study: RASMAN.EXE)
>http://www.ngssoftware.com/papers/ntbufferoverflow.html
>
>A lot of good tips on this topic can also be found in the Shellcoder's Handbook if you need an introduction to more advanced topics on this platform. Also take a look at the kungfoo project and MetaSploit for universal shellcodes.
>
>Remember that you don't call the Win32 API with a syscall (int 80h) like in Linux, but you need to have the correct address to issue a call instruction.
>Just my 2 cents
>Best Regards,
>Aleksander Czarnowski
>AVET INS
>
>>-----Original Message-----
>>From: Mike Klingler [mailto:mike@securitymetrics.com]
>>Sent: Friday, July 22, 2005 5:02 AM
>>To: pen-test@securityfocus.com
>>Subject: Windows NT shellcode needed
>>
>>
>>I have found a more remote version of apache 1.3.4 win32 on an NT system.
>>It appears vulnerable, but I am having the hardest time locating shell
>>code for use against this system.
>>
>>What are some good resources for creating shell code on Windows NT 4.0
>>systems? I have done trivial buffer overflows in C on Linux, but don't
>>know how to make the jump to Windows very well. Any thoughts out there?
>>Thanks.
>>
>>Mike



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:37 EDT