Thread-topic: [VulnWatch] WLSI - Windows Local Shellcode Injection - Paper
> -----Original Message-----
> From: Cesar [mailto:cesarc56@xxxxxxxxx]
> Sent: Wednesday, March 15, 2006 3:02 AM
> To: full-disclosure@xxxxxxxxxxxxxxxxx;
> bugtraq@xxxxxxxxxxxxxxxxx; vulnwatch@xxxxxxxxxxxxx
> Subject: [VulnWatch] WLSI - Windows Local Shellcode Injection - Paper
>
> Hi.
>
> For those who didn't attend to Black Hat Europe nor
> EuSecWest, here is the paper on which the presentation
> was based.
>
>
> WLSI - Windows Local Shellcode Injection
>
> Abstract:
> This paper describes a new technique to create 100%
> reliable local exploits for Windows
> operating systems, the technique uses some Windows
> operating systems design weaknesses
> that allow low privileged processes to insert data on
> almost any Windows processes no matter
> if they are running under high privileges. We all know
> that local exploitation is much easier
> than remote exploitation but it has some difficulties.
> After a brief introduction and a description
> of the technique, a couple of samples (Exploits for
> MS05-012 and MS05-040) will be provided so the reader
> will be able to write
> his/her own exploits.
>
>
>
> Enjoy.
>
> Cesar.
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
>
>
