Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [VulnWatch] WLSI - Windows Local Shellcode Injection - Paper



> -----Original Message-----
> From: Cesar [mailto:cesarc56@xxxxxxxxx] 
> Sent: Wednesday, March 15, 2006 3:02 AM
> To: full-disclosure@xxxxxxxxxxxxxxxxx; 
> bugtraq@xxxxxxxxxxxxxxxxx; vulnwatch@xxxxxxxxxxxxx
> Subject: [VulnWatch] WLSI - Windows Local Shellcode Injection - Paper
> 
> Hi.
> 
> For those who didn't attend to Black Hat Europe nor
> EuSecWest, here is the paper on which the presentation
> was based.
> 
> 
> WLSI - Windows Local Shellcode Injection
> 
> Abstract:
> This paper describes a new technique to create 100%
> reliable local exploits for Windows
> operating systems, the technique uses some Windows
> operating systems design weaknesses
> that allow low privileged processes to insert data on
> almost any Windows processes no matter
> if they are running under high privileges. We all know
> that local exploitation is much easier
> than remote exploitation but it has some difficulties.
> After a brief introduction and a description
> of the technique, a couple of samples (Exploits for
> MS05-012 and MS05-040) will be provided so the reader
> will be able to write
> his/her own exploits.
> 
> http://www.argeniss.com/research/WLSI.zip
> 
> Enjoy.
> 
> Cesar.
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 



 




Copyright © Lexa Software, 1996-2009.