Hi,
Does anyone have an idea why MS06-040 doesn't work against SP1 while it does against SP0, even though both of them have b/o protection? As I understand it, SP1 contains random cookies, but when I debugged this I found that the process stopped before the cookie check with this error message: Process terminated C0000409

It looks like if the cookie is random, then instead of overwriting the static cookie value, we can add our own cookie value at the static address 0x71c8c1ec, and during the cookie inspection it won't fail. I found this works on SP0 but not SP1.

Any ideas?
_______________________________________________
Framework-Hackers mailing list
Framework-Hackers@spool.metasploit.com
http://spool.metasploit.com/mailman/listinfo/framework-hackers