Over The Flow (Part 4)
Intro In this post is the final and last post from the Over The Flow Series (you have to read and understand all previous 3 posts to figure out what is going on here). I will finally insert and execute a shell-code in our vulnerable application. But in this article we will also do further analysis on the SEH exploitation and I will try to fully describe exactly what happened in order to gain a remote shell. But first we should be the appropriate music: Note: Paranoia niiiiiiiiice music FYI. Prerequisites To understand all the shit I’ll try to explain you, you should fulfill the following requisites: Basic X86 assembly. Debugging with ollydebug. Basic knowledge of exploitation basics in structured exception handling . Note: Of course you would also have to read the previous three parts . Again a little about Structured Exception Handling (as a reminder) The Structured Exception Handler (SEH) is used to handle exceptions within Windows prog...