Public Exploit Code:

Use exploits from these sites:

  1. Exploit DB (Maintained by Offensive Security)
  2. SecurityFocus Vulnerability Archives (Maintained by Symantec)

Search for an exploit in the archive using the searchsploit tool:

   >> searchsploit slmail

Fixing Public Exploit:

  1. Observing the libraries, it is clear the code should be compiled in a Linux-like environment.
  2. Return address irrelevant
  3. Hard-coded shellcode
  4. Buffer offset misaligned

Cross-compiling Linux exploit to Windows

  1. Libraries indicate the code should be compiled in a Windows environment
  2. Embedded bind shell payload
  3. Return address irrelevant to target

mingw tool:

i586-mingw32msvc-gcc 646-fixed.c

i586-mingw32msvc-gcc 646-fixed.c -lws2_32 -o slmali-windows.exe
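
Both checklists above start by reading the source's #include lines, and the second compile command adds a Winsock link flag. As an added example (not part of the original notes), this Python function classifies a C source by its headers and reports the link flag that Winsock headers imply; the header lists and the name triage_includes are assumptions for illustration, and the sample inputs are constructed.

```python
import re

# Assumed, non-exhaustive header lists that mark the intended build platform.
WINDOWS_HEADERS = {"winsock2.h", "winsock.h", "windows.h", "ws2tcpip.h"}
POSIX_HEADERS = {"sys/socket.h", "netinet/in.h", "arpa/inet.h", "unistd.h", "netdb.h"}
# Windows headers whose functions live in a library that must be named at link time.
LINK_LIBS = {"winsock2.h": "ws2_32", "ws2tcpip.h": "ws2_32"}

# Matches active #include lines only; lines commented out with // are skipped.
INCLUDE_RE = re.compile(r'^\s*#\s*include\s*[<"]([^>"]+)[>"]', re.MULTILINE)


def triage_includes(source: str) -> dict:
    """Classify a C source by its #include lines and list implied link flags."""
    headers = {h.strip().lower().replace("\\", "/") for h in INCLUDE_RE.findall(source)}
    win = sorted(headers & WINDOWS_HEADERS)
    posix = sorted(headers & POSIX_HEADERS)
    if win and posix:
        platform = "mixed"      # needs porting before it builds anywhere
    elif win:
        platform = "windows"    # build with a mingw cross-compiler on Linux
    elif posix:
        platform = "posix"      # build with the native gcc
    else:
        platform = "unknown"
    libs = sorted({LINK_LIBS[h] for h in win if h in LINK_LIBS})
    return {"platform": platform, "windows": win, "posix": posix,
            "link_flags": ["-l" + lib for lib in libs]}


# Constructed sample inputs: header sections only, no exploit logic.
SAMPLE_WINDOWS = """
#include <stdio.h>
#include <winsock2.h>
#include <windows.h>
"""
SAMPLE_POSIX = """
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/in.h>
"""

if __name__ == "__main__":
    for name, src in (("windows sample", SAMPLE_WINDOWS), ("posix sample", SAMPLE_POSIX)):
        print(name, triage_includes(src))
```

A "windows" result with `-lws2_32` in `link_flags` corresponds to the second mingw command above, where the Winsock library is named explicitly at link time.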
