Thread: CVE-2009-0927 - getIcon() overflow question

  1. #1
    Just burned his ISO
    Join Date
    May 2007
    Posts
    24

    CVE-2009-0927 - getIcon() overflow question

    Hey everyone, I've been playing around with one of the more recent PoCs from milw0rm ( hxxp : // milw0rm [dot] com/exploits/8595 )

    Now, the PoC works perfectly and brings up calc. However, I was wanting to try exchanging shellcodes to get some more experience with Metasploit's ability to generate shellcode.

    However, the question I have is: what do I open/view/edit the PDF file with in order to see the JavaScript exploit, and thus the shellcode that the PoC author included? The author's note says to change the shellcode, but I'm not sure how to get to it, because opening the file obviously just closes the PDF and opens calc instead.

    Thanks all, any help is appreciated
    In a world without fences, who needs Gates?

  2. #2
    Good friend of the forums
    Join Date
    Feb 2009
    Posts
    356

    You haven't learned to walk, and you already want to run... No way, man. Learn walking first. Start programming in Perl or C++, or Python. Things will get pretty clear from then on. If you go the path you took, you will get exactly nowhere.

  3. #3
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Originally posted by xorred:
    > You haven't learned to walk, and you already want to run... No way, man. Learn walking first. Start programming in Perl or C++, or Python. Things will get pretty clear from then on. If you go the path you took, you will get exactly nowhere.

    Bullsh*t... I'm a coder, and understanding how to manipulate the shellcode in this exploit has nothing to do with Python, Perl, bash, etc. I decided tonight to finally dive into the PDF exploits, and am gradually figuring out the PDF document structure.

    Figuring out how to edit them correctly has been a bit of a nightmare. I highly doubt you know anything about this particular PoC xorred, so unless you have something educational to contribute in this thread, I'd suggest you keep your menial opinions to yourself.

    @ OP: Wrong section to post in btw.
    dd if=/dev/swc666 of=/dev/wyze

  4. #4
    Just burned his ISO
    Join Date
    May 2007
    Posts
    24

    Thanks for the reply guys.

    @ xorred : While no help, thanks for the input... I code all day at work, and have been for a while now. Look man, I'm just trying to learn... so if you have any point in the right direction as far as this PoC goes, I'd love to hear it.

    @ wyze : Thanks for the post. Any point in the right direction by chance?


    Thanks
    In a world without fences, who needs Gates?
