Wednesday, June 24, 2009

Windows Heap Overflows using Process Environment Block (PEB)

After a bunch of googling to find out what the PEB was, I happened upon this old milw0rm paper, which answered that question and the one I was going to ask next: how is it used in exploitation?

http://milw0rm.org/papers/66

1 comment:

cw said...

Immunity Debugger has a PEB enumeration script also, but I'm not sure if it's in the current release or not. Also, I have heard there is some heap magic that can be performed in Vista with the help of the PEB, but I don't know further details.