Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:46

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
 Post subject: vlc player
PostPosted: 02 Feb 2009 00:05 

Joined: 01 Feb 2009 23:56
Posts: 1
Hi,

I am an M.Sc. student at HUT (TKK), Finland. I am working on VLC player vulnerabilities for the hacking course.

I have seen your post on the buffer overflow problems of VLC player.

I need to know how I can exploit it to make it more severe. You said I can execute my own code via the subtitle file.

On a Windows system, can you explain to me how I can gather some important information using that file, with example code if possible?

Thanks
Kashif


 Post subject: Re: vlc player
PostPosted: 02 Feb 2009 01:20 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
well, basically you should download my vlcboffs proof-of-concept, edit vlcbof.ssa adding two things:
- the return address for jumping to the shellcode (for example the usual address of a JMP ESP)
- a shellcode, better if alphanumeric

so the usual "technique".
if you need, I can also create an example and comment it a bit

