Hi. For those who didn't attend to Black Hat Europe nor EuSecWest, here is the paper on which the presentation was based. WLSI - Windows Local Shellcode Injection Abstract: This paper describes a new technique to create 100% reliable local exploits for Windows operating systems, the technique uses some Windows operating systems design weaknesses that allow low privileged processes to insert data on almost any Windows processes no matter if they are running under high privileges. We all know that local exploitation is much easier than remote exploitation but it has some difficulties. After a brief introduction and a description of the technique, a couple of samples (Exploits for MS05-012 and MS05-040) will be provided so the reader will be able to write his/her own exploits. http://www.argeniss.com/research/WLSI.zip Enjoy. Cesar. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
This archive was generated by hypermail 2.1.3 : Tue Mar 14 2006 - 16:50:31 PST