Anyone know of a public POC for MS08-067? My employer is interested in specific details I can only get by A) screwing around in IDA Pro looking for the function call that b0rks this; or B) reading through a proof-of-concept, familiarizing myself with the SMB protocol in context, and figuring out exactly what's going on here.

The best I've found is an explanation on MSDN (which I'm not allowed to post yet, since I need to make 15 or more posts...), but it only helps with (A)


(Note that, among other things, it's always possible to grab the patch itself, compare its contents to the currently installed DLLs, and look at the changes specifically... not the easiest thing in the world but doable, just very time consuming for us rank amateurs in the exploit dev arena, and assumes you can make sense of what you read)