You're either lazy i did
i really don't appreciate your troll (with out any investigation and analysis ) On Wed, Jul 10, 2013 at 3:03 AM, kaveh ghaemmaghami < [email protected]> wrote: > Hello list, > regarding to nonsense VLC post > > http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia?pub=0#pr > > 1.we said that this was a crash, not an exploitable security issue > > and funny publication Comment > > You forget to mention most important thing: If Secunia Research is > professional, why don't they provide you with working exploit? (in example > EIP = 0x41414141) I'm sure company like VUPEN would do just that to prove > they point. Isn't worth to point out on other sites? (e.g. netsec) > I really like this > https://twitter.com/Secunia/status/...<https://twitter.com/Secunia/status/337140449712156672> > you can spot _two_ lies - first they don't find ANY vuln, second their > lying about timeframe. > > > Here is your VUPEN 0x41414141 > > > ModLoad: 64fb0000 650d8000 C:\Program Files > (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll > > (be8.f0c): Access violation - code c0000005 (first chance) > First chance exceptions are reported before any exception handling. > This exception may be expected and handled. > eax=02b92a18 ebx=00890000 ecx=41414141 edx=00100000 esi=02bccbd8 > edi=00890178 > eip=77163fbb esp=04d1f324 ebp=04d1f348 iopl=0 nv up ei ng nz na po > cy > cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b > efl=00010283 > ntdll!RtlImageNtHeader+0xe37: > 77163fbb 8b11 mov edx,dword ptr [ecx] > ds:002b:41414141=???????? > > 0:010> g > > (be8.f0c): Access violation - code c0000005 (!!! second chance !!!) > eax=02b92a18 ebx=00890000 ecx=41414141 edx=00100000 esi=02bccbd8 > edi=00890178 > eip=77163fbb esp=04d1f324 ebp=04d1f348 iopl=0 nv up ei ng nz na po > cy > cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b > efl=00010283 > ntdll!RtlImageNtHeader+0xe37: > 77163fbb 8b11 mov edx,dword ptr [ecx] > ds:002b:41414141=???????? > > 0:010> r ecx > > ecx=41414141 > > 0:010> d ecx > 41414141 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 41414151 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 41414161 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 41414171 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 41414181 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 41414191 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 414141a1 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > 414141b1 ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ?? ???????????????? > > POC included > > Stay Secure > > Regards > Kaveh >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
