Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: OllyDbg long process Module debug Vulnerability

OllyDbg long process Module debug Vulnerability

From: ATmaCA ATmaCA <atmaca_at_atmacasoft.com>
Date: 19 Mar 2005 06:11:51 -0000
('binary' encoding is not supported, stored as-is) Vendor:
Oleh Yuschuk

Application:
OllyDbg
http://home.t-online.de/home/Ollydbg/

Introduction:
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®.
Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.

Affected Versions:
1.10 (final version) and prior versions.

Overview:
In OllyDbg, if a target process loads modules that contains long name
(greater than around 200 bytes), OllyDbg will be crashed.

This hole can be used for an anti-debug method for OllyDbg.

Vendor Status:
No vendor response.

Discovery:
ATmaCA
atmaca_at_atmacasoft.com
www.atmacasoft.com
www.spyinstructors.com
Credit to Kozan

POC:
Debug this program with OllyDbg,
when the program runs, a folder that named "olly hole" will be
created on desktop and a long named dll will be created in
this folder. then it will load this and finally
olly debug will be crashed.

http://www.atmacasoft.com/exp/OllyHole.exe
Received on Mar 19 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos