Re: Getting Base Address using the Structured Exception Handler

From: sk (skscan-associates.net)
Date: Wed Jun 25 2003 - 23:40:34 CDT


Dear Nobody Mind,

HSJ's shellcode (http://hsj.shadowpenguin.org/misc/iis5mdac_exp.txt) works
without using SEH. It should be able to find the kernel32 unless one
'rebases' it to somewhere else.

If you check the aspcode.c
(http://packetstormsecurity.nl/0209-exploits/aspcode.c), SEH is used not
only in getting the kernel32 base memory, but for other purposes too.

sk
----- Original Message -----
From: "Nobody Mind" <cod3po3tyahoo.com>
To: <vuln-devsecurityfocus.com>
Sent: Thursday, June 26, 2003 4:49 AM
Subject: Getting Base Address using the Structured Exception Handler

> I basically am wondering if anyone has links or can
> post a short explanation of why (not how) using the
> SEH method works for getting the base
> address of kernel32.dll and others?
> Thanks