Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

question regarding w3who.dll bug

from [Martin Bernhard] Network Security [Permanent Link]
Subject: question regarding w3who.dll bug
Date: Fri, 14 Jan 2005 09:49:47 +0100 (MET) 
Hi,

As one of our clients is running some IIS web servers with w3who.dll on
them, I figured that this would be a good place to start our pen test.
Unfortunately, the exploit in the new release of the Metasploit Framework
did not work on the most important servers (Windows 2000). I have access to
a test system that gives me the opportunity to analyze the bug in detail,
but I can?t figure out what parts in memory are overwritten. Does anybody
know what exactly I have to do to trigger the bug and analyze it (I?m using
ollydbg)?

Any help is much appreciated

-- 
+++ Sparen Sie mit GMX DSL +++ http://www.gmx.net/de/go/dsl
AKTION für Wechsler: DSL-Tarife ab 3,99 EUR/Monat + Startguthaben
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  DoS/DDoS Attack, Faisal Khan
Next by Date:  Re: Discovering users by RCPT TO, Vince Hoang
Previous by Thread:  Sample Risk Assessment Report, Mambo
Next by Thread:  Re: question regarding w3who.dll bug, H D Moore
Indexes:  [Date] [Thread] [Top] [All Lists]