tag:blogger.com,1999:blog-40962726818154227862011-07-31T04:13:28.646-07:00This is a blog for me to be able to publish all of the exploits i have wrote and keep the community up to date.n00bhttp://www.blogger.com/profile/04074265990996888230noreply@blogger.comBlogger41100tag:blogger.com,1999:blog-4096272681815422786.post-51195304785951920042009-06-04T15:23:00.000-07:002009-06-04T15:26:50.475-07:00Ida pro 5.5 is due for released this week some time so snap it up :) <br />I'm looking forward to testing it and looking at some of the new functions it <br />has. <br /><br /><a href="http://hexblog.com/2009/06/ida_pro_55_goes_alpha.html"><br />IDA Pro 5.5 goes alpha </a><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/4096272681815422786-5119530478595192004?l=n00b-n00b.blogspot.com' alt='' /></div>n00bhttp://www.blogger.com/profile/04074265990996888230noreply@blogger.com1tag:blogger.com,1999:blog-4096272681815422786.post-22866868469731739002009-05-22T11:51:00.000-07:002009-06-01T12:13:45.845-07:00The poc code can be found here im working on getting shell code execution over the next day or 2 as im working on 3 exploits already atm.And am very busy. <br /> <br />Btw His0k4 your exploits don't work <br /> <br /><br /> ---------------------------------------------<br />Here is the poc code for the overflow. <br /><a href="http://www.milw0rm.com/exploits/8767 "><br />Winamp 5.551 MAKI Parsing Integer Overflow PoC</a><br /> ---------------------------------------------<br /><br />I managed to get shell code executed over the weekend and <br />the exploit has been sent over at milwr0m. <br /> <br />I will update with a link as soon as it goes <br />up and Also works for vista sp1 and windows xpsp3 <br /> <br />Please stay tuned im working on a few integer overflows <br />of my own.<br /><br />Here is the working exploit code for the overflow. <br /><a href="http://www.milw0rm.com/exploits/8783 "><br />Winamp 5.551 MAKI Parsing Integer Overflow Exploit</a><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/4096272681815422786-2286686846973173900?l=n00b-n00b.blogspot.com' alt='' /></div>n00bhttp://www.blogger.com/profile/04074265990996888230noreply@blogger.com0tag:blogger.com,1999:blog-4096272681815422786.post-21507975347243184322009-05-07T15:31:00.000-07:002009-05-13T06:48:36.167-07:00I was not sure how to class this bug as i never done any research covering integer overflow's or function pointer manipulation. <br /> <br />The write access violation was found by replacing bytes within a specially crafted spread sheet.<br /> <br />I am getting in touch with a few people to see if exploitation is possible or feezable to run arbitrary code execution. <br /> <br />Will update in a few days.<br /><br />:Update:<br />Information has been submitted to a company for further analysis.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/4096272681815422786-2150797534724318432?l=n00b-n00b.blogspot.com' alt='' /></div>n00bhttp://www.blogger.com/profile/04074265990996888230noreply@blogger.com0tag:blogger.com,1999:blog-4096272681815422786.post-18401989434212972982009-04-07T05:06:00.000-07:002009-04-08T03:37:46.146-07:00These are the buffer overflows i recently found <br />in the xbmc application they have been pached as of<br />now you can get the new version of xbmc from there<br />web site.<br /><br /><a href="http://www.milw0rm.com/exploits/8354 ">XBMC 8.10 GET Request Remote Buffer Overflow Exploit (SEH) (univ)</a><br /><br /><a href="http://www.milw0rm.com/exploits/8337">XBMC 8.10 (GET Requests) Multiple Remote Buffer Overflow PoC</a><br /><br /><a href="http://www.milw0rm.com/exploits/8338">XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win)</a><br /><br /><a href="http://www.milw0rm.com/exploits/8339">XBMC 8.10 (takescreenshot) Remote Buffer Overflow Exploit</a> <br /><br /><a href="http://www.milw0rm.com/exploits/8340">XBMC 8.10 (get tag from file name) Remote Buffer Overflow Exploit</a> <br /><br />Im a little bussy atm and will sort blog out some time this week .<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/4096272681815422786-1840198943421297298?l=n00b-n00b.blogspot.com' alt='' /></div>n00bhttp://www.blogger.com/profile/04074265990996888230noreply@blogger.com0