I'm starting to do win32 exploits and shellcoding, but I hit a problem when a supposed vulnerable program won't segfault when run on my machine. I wrote it in dev-cpp's ide with console mode template. When run on command line on windows 2000 professional; [ the A's were on the commandline, email client put it below] C:\sources\vuln1 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA [pretty sure it was sufficient] C:\sources\ When finnished running, there is nothing; no output, no errors, no pop-up boxes. Tried it as a regular user and as administrator. However, when run with the same arguments on windows millenium, a standard pop-up comes up stating that vuln1 has caused an error in <unknown> module and will be shutdown. No detail button on the dialog though. vuln1.c -------------------------------------------- #include <stdio.h> #include <stdlib.h> int main(int argc, char *argv[]) { char buffer[30]; if(argc > 1) { strcpy(buffer, argv[1]); } return(0); } Maybe dev-cpp changes the way strcpy functions? Or win2k works way diferent than I expect? I've done exploits with linux and bsd, and to my knowledge this should be the same. Any help would be greatly appreciated. _________________________________________________________________ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
This archive was generated by hypermail 2b30 : Mon Jul 14 2003 - 12:01:43 PDT