Net Send Overrun?

  1. #1

    Net Send Overrun?

    OK, in Windows 2000 or NT, the Messenger service is usually run from a console, which has a maximum command length of 250 [or something]. And if you run it from a 'run' menu it does the same.

    But consider this: place this in a Visual Basic form.

    --------------------------------------
    Private Sub Form_Load()

        ' Placeholder for a long run of characters
        Dim strMessage As String
        strMessage = "[Large number of letters]"

        ' Pass ten copies of the message to net send as one command line
        Shell "net send localhost " & strMessage & strMessage & _
            strMessage & strMessage & strMessage & strMessage & _
            strMessage & strMessage & strMessage & strMessage

    End Sub
    ---------------------------------------

    (The same can be achieved with any other programming language)


    Is this buffer exploitable? Please tell me. I've tried and nothing's worked.
    WE ARE the anti cancer...
    WE ARE the only answer...

  2. #2
    Senior Member | Join Date: Oct 2001 | Posts: 175

    Hmm

    fiend...

    I don't run Win2000 so I can't test it but...

    The code that you have just posted is the equivalent of typing this at the Start > Run menu:

    net send localhost [a really long message]

    The VB code you supplied would have saved you the extra typing...but it could have all been typed by the user at the command line.

    If the Messenger service has a maximum input of 250 characters, then it will not accept the "really long message" either way (by typing or VB program).

    Sorry, Good thought though

    Hope this Helped
    Simon Templer

    "Your work is to discover your world and then with all your heart give yourself to it."
    -The Buddha

  3. #3
    faust | Senior Member | Join Date: Oct 2001 | Location: Chicagoland/Murphysboro | Posts: 105
    btw net send will queue 6 messages, so about the worst you can do is DoS attack the localhost or user. Batch files are the way we tested. Never did see a buffer overflow, we tried!