Hi K F,
No, I also thought the same but not. Internally (when
looking into it with a debugger) the "%s" characters
are expanded to something. If you tries the same
exploit changing "%s" with, i.e., "%x" it doesn't
work.
I tried with various other combinations and,
strangely, it only works with the "%s" string.
--
Regards,
Joxean Koret
--- "K F (lists)" <[EMAIL PROTECTED]>
escribió:
> what does %x and %n do? It may just be a format
> string problem.
>
______________________________________________
LLama Gratis a cualquier PC del Mundo.
Llamadas a fijos y móviles desde 1 céntimo por minuto.
http://es.voice.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
