Bugtraq: Exploiting default exception handler to increase exploit stability on win32

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Exploiting default exception handler to increase exploit stability on win32

From: tal zeltzer <tal.zeltzer () gmail com>
Date: 1 Nov 2004 19:02:56 -0000



Summary:

Every win32 application has a default exception handler which can be abused to increase 
exploit stability in the case of a stack overflow


Impact:

The results of such attack is an exploit with two return addresses

Proof of Concept:

a tutorial And proof of concept code is available at 

http://www.securityforest.com/wiki/index.php/Exploit:_Stack_Overflows_-_Exploiting_default_seh_to_increase_stability

Credit:

Discovered by tal zeltzer.

By Date By Thread

Current thread:

Exploiting default exception handler to increase exploit stability on win32 tal zeltzer (Nov 02)