Vulnerability Development mailing list archives

Re: Getting Base Address using the Structured Exception Handler

From: Gerardo Richarte <gera () corest com>
Date: Thu, 26 Jun 2003 12:02:59 -0300

Gerardo Richarte wrote:

    However, now that you ask about it, I can think of two ways to
use SEH to find kernel32 in memory, however, I'm writing realtime,
so I'm not sure if it'll work or not (let me know if you try it :-).

   2nd trick:
        to know the address of ntdll.dll may be easy using SEH:


    I've been just told by hernan sitting here next to me that this technique
is well know (or just known), and was used before, so, original credits go
to them. If anybody has a pointer for it, please go ahead and send it.

    gera

PS: Of course the 1st trick might also be known

Current thread:

Getting Base Address using the Structured Exception Handler Nobody Mind (Jun 25)
- Re: Getting Base Address using the Structured Exception Handler dave (Jun 25)
  - Re: Getting Base Address using the Structured Exception Handler Nexus (Jun 26)
    - Re: Getting Base Address using the Structured Exception Handler dave (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler Costin Ionescu (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler sk (Jun 26)
- Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)
  - Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)
  - Re: Getting Base Address using the Structured Exception Handler Gerardo Richarte (Jun 26)