|
Hi,
I am working on a Win heap overflow that gives me
control of eax and ecx and hence allows me to write a double word of
memory to an arbitrary location...
I overwrite the SetUnhandledException filter with
an address that will bounce me back to my shellcode.
the only problem is, that the
unhandledexception filter does not get called while the vulnerable process is
being debugged, say with ollydbg.
I think i remember reading somewhere that it is
possible to make the UnhandledException filter get called from within a standard
debugger such as ollydbg and was wandering if anyone knows how to do
this...
(Kernel level debugger is not an option ie
SoftIce)
Thanks very much
RaMatkal |
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
