All Posts Tagged Tag: ‘corelanc0d3r’

  • QuickZip Stack BOF : A box of chocolates – part 2

    Today (as promised in part 1 of the QuickZip Stack BOF exploit write-up), I will explain how to build the exploit for the quickzip vulnerability using a pop pop ret pointer from an OS dll. At the end of part 1, I challenged you, the …

    Read More →
  • Image121

    QuickZip Stack BOF 0day: a box of chocolates

    A few days ago, one of my friends (mr_me) pointed me to an application that appeared to be acting somewhat “buggy” while processing “specifically” crafted zip files.  After playing with the zip file structure for a while (thanks again, mr_me, for documenting the zip file …

    Read More →