Articles by ‘fdisk’

Winamp 5.58 from Denial of Service to Code Execution Part 2

2nd November 2010

Understanding the Winamp Memory Layout

This post is a continuation of part 1 of Winamp 5.58 from Denial of Service to Code Execution.

Winamp

The solution we used on the first Winamp in_mod_plugin exploit was not as elegant as we would like. First of all, it used a lot of code and secondly, the work that was required to change the shellcode was not a trivial undertaking. So in this post, we present a way to improve the second flaw and make this script kiddie friendly. (more…)

Winamp 5.58 from Denial of Service to Code Execution

20th October 2010

Winamp

Some days ago, we posted a proof of concept published by Luigi Auriemma outlining Multiple Denial Of Service Vulnerabilities in Winamp. Unlike most submissions we receive, the PoC posted by the author didn’t contain a script to replicate the attack, but only contained files ready to be loaded into Winamp.

After some days we got an e-mail from ryujin…

(more…)