Vulnerability Development mailing list archives
Re: Getting Base Address using the Structured Exception Handler
From: Gerardo Richarte <gera () corest com>
Date: Thu, 26 Jun 2003 12:02:59 -0300
Gerardo Richarte wrote:
However, now that you ask about it, I can think of two ways to use SEH to find kernel32 in memory, however, I'm writing realtime, so I'm not sure if it'll work or not (let me know if you try it :-).
2nd trick: to know the address of ntdll.dll may be easy using SEH:
I've been just told by hernan sitting here next to me that this technique is well know (or just known), and was used before, so, original credits go to them. If anybody has a pointer for it, please go ahead and send it. gera PS: Of course the 1st trick might also be known
Current thread:
- Getting Base Address using the Structured Exception Handler Nobody Mind (Jun 25)
- Re: Getting Base Address using the Structured Exception Handler dave (Jun 25)
- Re: Getting Base Address using the Structured Exception Handler Costin Ionescu (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler sk (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)