[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: exploiting/debuggin SetUnhandledException filter
From: RaMatkal () hotmail ! com
Date: 2005-06-20 8:05:31
Message-ID: 20050620080531.32508.qmail () securityfocus ! com
[Download RAW message or body]
Hi,
I am working on a Win heap overflow that gives me control of eax and ecx and hence \
allows me to write a double word of memory to an arbitrary location...
I overwrite the SetUnhandledException filter with an address that will bounce me back \
to my shellcode.
the only problem is, that the unhandledexception filter does not get called while the \
vulnerable process is being debugged, say with ollydbg.
I think i remember reading somewhere that it is possible to make the \
UnhandledException filter get called from within a standard debugger such as ollydbg \
and was wandering if anyone knows how to do this...
(Kernel level debugger is not an option ie SoftIce)
Thanks very much
RaMatkal
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic