All Posts Tagged Tag: ‘corelanc0d3r’
QuickZip Stack BOF : A box of chocolates – part 2
Today (as promised in part 1 of the QuickZip Stack BOF exploit write-up), I will explain how to build the exploit for the quickzip vulnerability using a pop pop ret pointer from an OS dll. At the end of part 1, I challenged you, the …
Read More →
QuickZip Stack BOF 0day: a box of chocolates
A few days ago, one of my friends (mr_me) pointed me to an application that appeared to be acting somewhat “buggy” while processing “specifically” crafted zip files. After playing with the zip file structure for a while (thanks again, mr_me, for documenting the zip file …
Read More →
