Posts Tagged "encoder"

QuickZip Stack BOF : A box of chocolates – part 2

Today (as promised in part 1 of the QuickZip Stack BOF exploit write-up), I will explain how to build the exploit for the quickzip vulnerability using a pop pop ret pointer from an OS dll. At the end of part 1, I challenged you, the Offensive Security Blog reader, to…

Read More
QuickZip Stack BOF 0day: a box of chocolates

QuickZip Stack BOF 0day: a box of chocolates

A few days ago, one of my friends (mr_me) pointed me to an application that appeared to be acting somewhat “buggy” while processing “specifically” crafted zip files.  After playing with the zip file structure for a while (thanks again, mr_me, for documenting the zip file structure), I found a way…

Read More