Pages: [1]

Author Topic: Need Help. CVE-2011-1999  (Read 2580 times)

0 Members and 1 Guest are viewing this topic.

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Need Help. CVE-2011-1999
« on: April 15, 2012, 06:26:31 am »


I want the cve-2011-1999 crash poc. No need for bypassing aslr and dep. Just modify the eip. And if there is any info about that please tell me.
Sorry for my poor english, and thank you for reading.


An article about that:
http://ifsec.blogspot.com/2012/02/reliable-windows-7-exploitation-case.html
« Last Edit: April 15, 2012, 10:47:05 am by bcushion »
Report to moderator   Logged

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Need Help. CVE-2011-1999
« Reply #1 on: April 15, 2012, 08:48:43 am »
The link is broken bro.
Report to moderator   Logged

Z3R0

  • Guest
Re: Need Help. CVE-2011-1999
« Reply #2 on: April 15, 2012, 08:56:50 am »
If you're wanting to change eip, you'll need to find an opcode from a library that the application uses.
Report to moderator   Logged

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #3 on: April 15, 2012, 10:48:21 am »
Quote from: Kulverstukas on April 15, 2012, 08:48:43 am
The link is broken bro.
Sorry for that. I have correted.
Report to moderator   Logged

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #4 on: April 15, 2012, 10:49:30 am »
Quote from: m0rph on April 15, 2012, 08:56:50 am
If you're wanting to change eip, you'll need to find an opcode from a library that the application uses.


I am sorry that I don't understand your idea.
Report to moderator   Logged

Z3R0

  • Guest
Re: Need Help. CVE-2011-1999
« Reply #5 on: April 15, 2012, 06:50:50 pm »
Quote from: bcushion on April 15, 2012, 10:49:30 am
I am sorry that I don't understand your idea.
Thank you for the -1, I don't tend to get butthurt easily, but in your case I will make an exception. If you didn't understand what I just said to you, then you obviously do not have the skill to understand how to modify exploits, and I'm further going to assume you wouldn't know where to begin, and even further by assuming you don't know how they work. Do you even know what application this is for, or how you would attack with it?

Oh yeah, FYI, the link for the POC that the author was using was posted at the end of his article, maybe if you took the time to read it, and even begin to understand what the article was even about you would know that (he was talking about alternate methods for bypassing ASLR and DEP). Now get the fuck off my nuts you faggot. -1 for being a complete fucking idiot.
« Last Edit: April 15, 2012, 06:51:43 pm by m0rph »
Report to moderator   Logged

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #6 on: April 15, 2012, 10:45:42 pm »
Quote from: m0rph on April 15, 2012, 06:50:50 pm
Thank you for the -1, I don't tend to get butthurt easily, but in your case I will make an exception. If you didn't understand what I just said to you, then you obviously do not have the skill to understand how to modify exploits, and I'm further going to assume you wouldn't know where to begin, and even further by assuming you don't know how they work. Do you even know what application this is for, or how you would attack with it?

Oh yeah, FYI, the link for the POC that the author was using was posted at the end of his article, maybe if you took the time to read it, and even begin to understand what the article was even about you would know that (he was talking about alternate methods for bypassing ASLR and DEP). Now get the fuck off my nuts you faggot. -1 for being a complete fucking idiot.

I am sorry to say this m0rph, but he couldent have given you the -1. You have to have at least 10 posts to give karma.
Report to moderator   Logged
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #7 on: April 16, 2012, 05:58:59 am »
Quote from: m0rph on April 15, 2012, 06:50:50 pm
Thank you for the -1, I don't tend to get butthurt easily, but in your case I will make an exception. If you didn't understand what I just said to you, then you obviously do not have the skill to understand how to modify exploits, and I'm further going to assume you wouldn't know where to begin, and even further by assuming you don't know how they work. Do you even know what application this is for, or how you would attack with it?

Oh yeah, FYI, the link for the POC that the author was using was posted at the end of his article, maybe if you took the time to read it, and even begin to understand what the article was even about you would know that (he was talking about alternate methods for bypassing ASLR and DEP). Now get the fuck off my nuts you faggot. -1 for being a complete fucking idiot.
I should reply earlier, but my account was locked since I modified my email. I can login just now.

 I am new here. I don't even konw how to give others -1. Whatever, I apologize for making you so unhappy.
« Last Edit: April 16, 2012, 05:59:37 am by bcushion »
Report to moderator   Logged

Offline cat_vs_mouse

  • /dev/null
  • *
  • Posts: 17
  • Cookies: 0
  • Learning Ruby (and loving it :D)
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #8 on: April 16, 2012, 08:57:03 am »
Code: [Select]
http://seclists.org/bugtraq/2012/Feb/178

Hope this helps...
Report to moderator   Logged
cat_vs_mouse - Thanks for reading!

Quote from: techb
Humpty Dumpty sat on a wall.
Humpty Dumpty had a great fall.
All the kings horses and all the kings men said, "Fuck him, he's just an egg."

Z3R0

  • Guest
Re: Need Help. CVE-2011-1999
« Reply #9 on: April 16, 2012, 09:15:32 am »
Quote from: ande on April 15, 2012, 10:45:42 pm
I am sorry to say this m0rph, but he couldent have given you the -1. You have to have at least 10 posts to give karma.
Sorry, trolled myself lol, I wasn't having a good day (IRL drama), I apologize. bcushion, I hope you can forgive me. <3
Report to moderator   Logged

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #10 on: April 16, 2012, 10:52:14 am »
Quote from: m0rph on April 16, 2012, 09:15:32 am
Sorry, trolled myself lol, I wasn't having a good day (IRL drama), I apologize. bcushion, I hope you can forgive me. <3
Take it easy.
Report to moderator   Logged

Offline bcushion

  • /dev/null
  • *
  • Posts: 6
  • Cookies: -1
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #11 on: April 16, 2012, 11:01:55 am »
Quote from: cat_vs_mouse on April 16, 2012, 08:57:03 am
Code: [Select]
http://seclists.org/bugtraq/2012/Feb/178

Hope this helps...
Thank you for help.
I had searched seclists.org. And that is where my offered link come from. But as the author said "One tiny detail required for triggering the vulnerability has been removed, so the exploit (as given below) should not work, even on vulnerable systems. ".  I am not experienced. I can't make the poc work. So I asked help here. I hope any other could make it work or provide more info aout that.
Sorry for my poor english again.
« Last Edit: April 16, 2012, 11:45:07 am by bcushion »
Report to moderator   Logged

Offline cat_vs_mouse

  • /dev/null
  • *
  • Posts: 17
  • Cookies: 0
  • Learning Ruby (and loving it :D)
    • View Profile
Re: Need Help. CVE-2011-1999
« Reply #12 on: April 16, 2012, 06:58:17 pm »
Then you're gonna have to spend some time debugging the code  :P . Gd luck.
Report to moderator   Logged
cat_vs_mouse - Thanks for reading!

Quote from: techb
Humpty Dumpty sat on a wall.
Humpty Dumpty had a great fall.
All the kings horses and all the kings men said, "Fuck him, he's just an egg."
Pages: [1]