jetlib.sec » Bugtraq » SafeSEH+SEHOP all-at-once bypass explotation method principles

Feeds

132963 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Bugtraq

• January 12, 2012
• 

  SafeSEH+SEHOP all-at-once bypass explotation method principles

  Posted: January 12th, 2012, 8:58am PST

  Tags:   

  Posted by geinblues on Jan 12

  Hello,
  
  I wrote this to introduce a small paper for my exploitation method of SafeSEH+SEHOP bypass in Oct, 2010.
  (http://www.x90c.org/SEH all-at-once attack.pdf, http://www.exploit-db.com/exploits/15184)
  
  Sadly it's not portable. But leave some thoughts about the method.
  
  - SafeSEH+SEHOP all-at-once bypass explotation method principles
  http://www.x90c.org/SafeSEH+SEHOP principles.pdf
  
  - sehop_chain_validation.c (Reverse Engineering code)...