Category:SEH
From SecurityForest
- Description: How-to exploit default exception handler to gain stability on win32 (Examples written for WinXP Sp1 EN And Win2000 Sp4 EN). Demonstrating how to create exploits with two return addresses.
- Author: tal.z
- Rated:
- Description: This tutorial will exploit Structured Exception Handling Under Win32
- Author: tal.z
- Rated:
- Title: Practical SEH exploitation
- Description: The intention to write this paper was when I’ve started working on an exploit of a daemon, which is described here later. After I was able to trigger the bug, I’ve noticed that a normal overflow would fail, because i had to fulfill too many requisites to get the exploit working. So i came to the conclusion that i have to use another technique. As I’ve heard a lot of SEH (Structured Exception Handler) hacking, I’ve started my browser and googled for a SEH paper, but failed. It seemed that nobody ever described it in a paper. I just found some examples of exploits using this technique, like the well known worm Code Red. As i was too lazy to debug that shit, I’ve started reversing the exception by myself and solved the trick very fast. The following paper will describe my lessons I’ve learned when i tried to get the exploit working.
- Author: THC - Johnny Cyberpunk
- Download: Practical-SEH-exploitation.pdf (http://www.securityforest.com/downloads/educationtree/Practical-SEH-exploitation.pdf)
- Rated:
- Description: This document assumes very little prior knowledge on the part of the reader. There are 4 articles starting with basics of memory layout, basics of windows assembly, local stack overflow, basics of shellcode, writing your own shellcode, exploiting using SEH and remote stack overflow. To make it more interesting the author has also include sample exercises.
- Author: Nish Bhalla
- Download: Win32 Stack Overflow Basics (http://www.securitycompass.com/Case%20Studies.htm)
- Rated:
