>From: xenophi1e <oliver.laveryat_private>
>Date: 7 Jun 2003 18:34:59 -0000
>
> >The windows "Search for files and folders" utility will search binaries and
> >can often find the linkage names of functions and dlls they call. None
>
>*Lol*. I never would have thought to use the pretty GUI with the little
>doggie for anything like this. But of course, it's really just a
>not-so-good strings / objdump | grep.

It's a quick and dirty hack, that's why I like it :) Of course it won't find linkages that are only specified by function ordinal, so you get false negatives.

>Yeah, another obvious problem I realised after posting is that MAX_PATH
>on windows is 260 / 0x104. So the overflowable buffer is MAX_PATH
>characters long.

Heh, as I found out also when trying to create a .eot file with an overly long name!

>There's some protection since applications that are well
>written probably won't call a file open sort of function with a filename
>longer than MAX_PATH. Of course we all know how many applications are
>actually well written...

The question is, can we get any application to try and LZOpenFileA a file without first performing a check-for-existence test? I haven't managed to fool IE or OE yet with any of the usual MIME / CID: tricks....

DaveK
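
Added example, not part of the original message: a sketch of why a raw string search misses imports made by ordinal when auditing binaries for a given call, while decoding the PE32 import lookup table still reports them. The byte blobs are constructed stand-ins (offsets are treated as RVAs, and ordinal 7 is a made-up value, not the function's real ordinal).

```python
import struct

ORDINAL_FLAG32 = 0x80000000  # PE32 import lookup table: bit 31 set = by ordinal


def strings_scan(blob: bytes, name: str) -> bool:
    """What a 'search inside files' or strings | grep pass does: raw byte match."""
    return name.encode("ascii") in blob


def decode_ilt(blob: bytes, ilt_off: int):
    """Decode PE32 import lookup table entries until the null terminator.

    Assumption for this sketch: RVAs equal offsets into blob.
    """
    imports = []
    while ilt_off + 4 <= len(blob):
        (entry,) = struct.unpack_from("<I", blob, ilt_off)
        if entry == 0:
            break
        if entry & ORDINAL_FLAG32:
            # No name is stored in the importing binary, only the number.
            imports.append(("ordinal", entry & 0xFFFF))
        else:
            name_off = (entry & 0x7FFFFFFF) + 2  # skip the 2-byte hint
            end = blob.find(b"\x00", name_off)
            if end == -1:
                break  # malformed: unterminated name
            imports.append(("name", blob[name_off:end].decode("ascii")))
        ilt_off += 4
    return imports


def build_by_name(func: str) -> bytes:
    """Constructed sample: one ILT entry pointing at a hint/name record."""
    ilt = struct.pack("<II", 8, 0)  # entry -> offset 8, then terminator
    return ilt + struct.pack("<H", 0) + func.encode("ascii") + b"\x00"


def build_by_ordinal(ordinal: int) -> bytes:
    """Constructed sample: one ILT entry importing by ordinal only."""
    return struct.pack("<II", ORDINAL_FLAG32 | ordinal, 0)


BY_NAME = build_by_name("LZOpenFileA")
BY_ORDINAL = build_by_ordinal(7)  # constructed ordinal value

if __name__ == "__main__":
    for label, blob in (("by name", BY_NAME), ("by ordinal", BY_ORDINAL)):
        print(label, strings_scan(blob, "LZOpenFileA"), decode_ilt(blob, 0))
```

Mapping a reported ordinal back to a function name requires the export table of the DLL being imported from, which this sketch does not parse.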
This archive was generated by hypermail 2b30 : Tue Jun 10 2003 - 13:31:42 PDT