[Repost] Playing around with (old?) SEH by suN8Hclf
Posted on: 2008-8-19 18:09
..//..//..//..//..//.|.\\..\\.\\..\\..\\..
[-] [+]
[+] Playing around with (old?)SEH [-]
[-] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+]
[+] [-]
[-] bY suN8Hclf aka crimsoN_Loyd9 [+]
[+] [-]
[-] DaRk-CodeRs Group production, kid [+]
[+] [-]
[-] 08.06.2008 [+]
[+] [-]
[-] suN8Hclf[at]vp{dot}.pl [+]
[+] crimson{dot}loyd[at]gmail{dot}com [-]
[-] [+]
..\\..\\..\\..\\..\\.|.//..//..//..//..//..
[>>1<<]. Introduction
[>>2<<]. SEH (Structured Exception Handler)
[>>3<<]. Coding SEH
    [>a<] introduction
    [>b<] implementation
[>>4<<]. Exploiting SEH
    [>a<] shellcodes
    [>b<] vulnerable vuln.exe
    [>c<] WIN2000 vs. WINXP SP1 (EBX vs. ESP)
        [***exploit1.c](classic overflow)
        [***exploit2.c](using 2 bytes short reverse jump)
        [***exploit3.c](using long reverse jump)
        [***exploit4.c](execution in TEB block)
[>>5<<]. Summary
[>>6<<]. Further reading
[>>7<<]. Greetz
NOTE: Please excuse my poor English, it's not my mother language.