..//..//..//..//..//.|.\\..\\.\\..\\..\\.. [-] [+] [+] Playing around with (old?)SEH [-] [-] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] [+] [-] [-] bY suN8Hclf aka crimsoN_Loyd9 [+] [+] [-] [-] DaRk-CodeRs Group production, kid [+] [+] [-] [-] www.dark-coders.pl [+] [+] [-] [-] 08.06.2008 [+] [+] [-] [-] suN8Hclf[at]vp{dot}.pl [+] [+] crimson{dot}loyd[at]gmail{dot}com [-] [-] [+] ..\\..\\..\\..\\..\\.|.//..//..//..//..//..[>>1<<]. Introduction[>>2<<]. SEH (Structured Exception Handler)[>>3<<]. Coding SEH [>a<] introduction [>b<] implementation[>>4<<]. Exploiting SEH [>a<] shellcodes [>b<] vulnerable vuln.exe [>c<] WIN2000 vs. WINXP SP1 (EBX vs. ESP) [***exploit1.c](classic overflow) [***exploit2.c](using 2 bytes short reverse jump) [***exploit3.c](using long reverse jump) [***exploit4.c](execution in TEB block)[>>5<<]. Summary[>>6<<]. Further reading[>>7<<]. GreetzNOTE: Please excuse my poor English, its not my mother language.
http://www.milw0rm.com/papers/211
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课