By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,986 Members | 1,905 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,986 IT Pros & Developers. It's quick & easy.

query: Windows exploits (random stack frame pointer)

P: n/a
Hi All,

I have written exploits for binaries with fixed stack frame pointer.
But now a days most of the compliers generates instrutions with random
stack frame pointer. And with injecting Windows API function addresses,
how can we inject the argument address for foreign exe?

How can I go about writing exploits for such codes?

Note: Most of the codes that I would like to write exploits is having
sprintf/sscanf stuffs.

Thanks
becks

Apr 12 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
"bekz" <be******@gmail.com> writes:
I have written exploits for binaries with fixed stack frame pointer.
But now a days most of the compliers generates instrutions with random
stack frame pointer. And with injecting Windows API function addresses,
how can we inject the argument address for foreign exe?

How can I go about writing exploits for such codes?

Note: Most of the codes that I would like to write exploits is having
sprintf/sscanf stuffs.


This is entirely off-topic in comp.lang.c. Even if it were topical, I
certainly *hope* that nobody would help you with this. Are you trying
to write viruses?

--
Keith Thompson (The_Other_Keith) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
Apr 12 '06 #2

P: n/a
On 2006-04-12 18:36:18 +0200, Keith Thompson <ks***@mib.org> said:
"bekz" <be******@gmail.com> writes:
I have written exploits for binaries with fixed stack frame pointer.
But now a days most of the compliers generates instrutions with random
stack frame pointer. And with injecting Windows API function addresses,
how can we inject the argument address for foreign exe?

How can I go about writing exploits for such codes?

Note: Most of the codes that I would like to write exploits is having
sprintf/sscanf stuffs.


This is entirely off-topic in comp.lang.c. Even if it were topical, I
certainly *hope* that nobody would help you with this. Are you trying
to write viruses?


Worms, definitely not viruses.

--
Sensei <se******@mac.com>

The optimist thinks this is the best of all possible worlds.
The pessimist fears it is true. [J. Robert Oppenheimer]

Apr 12 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.