
Showing posts with the label Structured Exception Handler

Windows Exploit Development : Exploiting Structured Exception Handling and ROP Chaining

Hi folks, this post is a continuation of a series I'm doing covering the fundamentals of Windows exploit development. In this post I'm going to inch a little closer to arbitrary code execution by showing you how to chain ROP gadgets, along with one or two stack pivoting tricks.

So here's how this post is going to go:
- We're gonna look at how Structured Exception Handling works
- We're gonna break it and show how it breaks
- Then we're going to make it execute whatever code we want
- Figure out how to fix our stack pointer
- Chain some ROP gadgets

What you need

- Windows Virtual Machine
- Debugger Tools for Windows
- Easy MPEG to DVD Burner (copy available on exploit-db)
- ImmunityDBG
- (optional) python script memcoder.py https://gist.github.com/k3170makan/7f55d25869f3f812f8c3706089c0a74c

Reverse Engineering Structured Exception Handling
Structured Exception handling is a mechanism offered to functions in that allow them to customize their responses to hardware and software exceptions. Hardwar…