Hacking Windows CE

More documents

Recommendations

Info

ConclusionThe codes talked above are the real-lifebuffer overflow example in Windows CEBecause of instruction cache, the decodingshellcode is not good enoughInternet and handset devices are growingquickly, so threats to the PDAs and mobilesbecome more and more seriousThe patch of Windows CE is more difficultand dangerous
Reference[1] ARM Architecture Reference Manualhttp://www.arm.com[2] Windows CE 4.2 Source Codehttp://msdn.microsoft.com/embedded/windowsce/default.aspx[3] Details Emerge on the First Windows Mobile Virushttp://www.informit.com/articles/article.asp?p=337071[4] Pocket PC Abuse - Seth Fogiehttp://www.blackhat.com/presentations/bh-usa-04/bh-us-04-fogie/bh-us-04-fogie-up.pdf[5] misc notes on the xda and windows cehttp://www.xs4all.nl/~itsme/projects/xda/[6] Introduction to Windows CEhttp://www.cs-ipv6.lancs.ac.uk/acsp/WinCE/Slides/[7] Nasiry 's wayhttp://www.cnblogs.com/nasiry/[8] Programming Windows CE Second Edition - Doug Boling[9] Win32 Assembly Componentshttp://LSD-PLaNET
Page 1 and 2: Hacking Windows CEsan@nsfocus.comsa
Page 4 and 5: Windows CE Overview(2)ARM Architect
Page 6 and 7: Memory Management(2)
Page 8 and 9: Memory Management(4)Slot 0 layout
Page 10 and 11: Processes and Threads(2)When a proc
Page 12 and 13: API Address Search(1)Locate the loa
Page 14 and 15: API Address Search(3)Export Directo
Page 16 and 17: Shellcode(2)Something to attention
Page 18 and 19: System CallWindows CE APIs implemen
Page 20 and 21: Buffer Overflow Demo(2)The variable
Page 22 and 23: Buffer Overflow Demo(4)A failed exp
Page 24 and 25: About Decoding Shellcode(1)Why need
Page 26 and 27: About Decoding Shellcode(3)A succes
Page 30: Thank You!san@nsfocus.comsan@xfocus

Hacking Windows CE

Create successful ePaper yourself

Delete template?

Save as template?