Hello, I came here for advice on what to do after finding a zero day in a program for Windows.
It gets the exploiter admin rights and is remote.
I haven't written an exploit yet, due to not having any information on how the exploited software works; my knowledge of this vulnerability is the bare minimum. I only know that I managed to overflow the memory somewhere.
Would it be possible for me to sell this information about the vulnerability, or should I first actually develop an exploit and then sell it?
I am not entirely sure what kind of vulnerability it is, but I think it is a buffer overflow (no idea if it is heap or stack). How can I find out details of the memory and develop an exploit for it? I know how to write exploits, but the software is closed source and I have nothing to look at.
10 Responses
How do you know it gives you admin rights, when you later imply you haven't yet written the exploit? Or is this something you are willing to make, because that would be a bit too much to answer right here. OTW has a lot of very good articles on writing exploits so I suggest you follow those first, before you start offering your exploits that you have / haven't made (?) on the market.
I know it gives admin rights because it has to run with admin rights. It won't work without having admin rights.
You didn't find a zero day, you've just found a vulnerability.
You've just found a vulnerability without telling us how you did this (methods etc.).
How do you think that it is a buffer overflow and you are not sure? You didn't test it? I mean, it is a buffer overflow vulnerability or it isn't.
A vulnerability doesn't always lead to exploitation.
If you send someone an email and tell him that you know about a vulnerability, without a proof of concept and without knowing what exactly the vulnerability is, he will not take you seriously.
Mind alluding to what the program is?
I agree. You did NOT find a zero day. All you found is a vulnerability.
So it seems you found a vulnerability. I did some tutorials on exploit development on http://www.thehackspace.org/forumdisplay.php?fid=3 here.
If you can't find any useful info there, feel free to PM me and I will do my best to help you.
Thanks, so I know I overflowed the buffer. I know it has admin rights because in order to work it must run with admin privileges. I understand that this is just a vulnerability, but should I be able to develop an exploit for it? Is there a possibility that investing time into this would not be beneficial (meaning that this vulnerability may not be exploitable)?
I sent you a message with my Skype so we can figure it out and maybe develop an exploit.
Since you said it has to run with admin privileges, I doubt it to be beneficial. First, of course, if I were you, I'd search the vulnerability and an exploit database, and if it isn't there, then I'd think on developing an exploit. Just a time-saver.
But a good way to know would be to scan the exploit with some AVs. For that, though, you'd want to make the exploit. But it's a good way to decide if it'd be beneficial. Things get a bit confusing here, so I'd say: if you are fairly sure it will work well, then go ahead.
-The Joker
What do you mean by scanning the exploit when he hasn't made the exploit yet?