
cmd.exe buffer overflow


ghost

This is probably very useless considering to run cmd.exe remotely you'd already need to have access, but I found cmd.exe has a buffer overflow vuln. I haven't tested it too far, but I copied 570 A's into cmd.exe and corrupted the stack by just a lot. Writing out code for this shouldn't be too hard if you know basic programming in C, so I'll leave that part up to you.

I guess this could be used in a floppy to gain quick admin on a machine at school or w/e if you find or write up some shellcode, but any more possibilities for this are beyond me. So, if anything you walk away with the knowledge that Windows has one more reason to suck.