[framework] learning buffer overflows

[Ty Miller]

Hi,

Not sure how far along you are with your exploit writing; however, I posted
recently asking a similar question about where I should start and was
referred to the following articles which are all fantastic! ... Ready to get
my hands dirty! ;o)

Writing Exploits III (awesome detail and explanations)
http://www.syngress.com/book_catalog/327_SSPC/sample.pdf

Simple Metsploit in Action! (practical tutorial)
http://www.milw0rm.com/papers/125

Writing Metasploit Plugins
http://packetstormsecurity.org/hitb06/DAY_1_-_Saumil_Shah_-_Writing_Metasplo
it_Plugins.pdf

Exploit Development: GroupWise Messenger Server
http://www.milw0rm.com/papers/56

Security Whitepapers - hacking tutorials
https://www.securinfos.info/english/security_papers_hacking_whitepapers.php

Milworm Papers
http://www.milw0rm.com/papers/

Up & Running with the Metasploit Framework
https://www.sans.org/athome/details.php?nid=1956

Uninformed
http://www.uninformed.org/


Hope this helps,
Ty


-----Original Message-----
From: /dev/null [mailto:exceed at email.si] 
Sent: Monday, 29 January 2007 9:54 AM
To: framework at metasploit.com
Subject: [framework] learning buffer overflows

Hi,

first off, sorry for being offtopic and unpolite. I know this is not the
right 
list for questions like mine, but anyway... people here are nice and they
have 
knowledge so maybe someone will help...

I'm trying to learn buffer overflows and have already conqured some basic 
knowledge. But when it comes to the "real thing" BOFs could be real PITA. 
Recently I came across buffer overflow in  Multicast Information
(mrinfo.exe) 
in Windows XP SP2. I didn't find this issue myself of course. This is an old

and well known bug.

To cut a long and boring story short. Here's the link with (wanna be) perl 
exploit: 

http://localhostr.com/files/0dd54859f6734930a94b.zip

If anyone is willing to help - more informations and questions are included
in 
perl script.

Thank you very much.
/ex. 

____________________
http://www.email.si/