Windows Heap Overflows using Process Environment Block (PEB)
After a bunch of googling to find out what PEB was, I happened upon this old milw0rm paper, which answered that question and the one I was going to ask next: How is it used in exploitation:
1 comment:
Immunity Debugger has a PEB enumeration script also, but I'm not sure if it's in the current release or not. Also, I have heard there is some heap magic that can be performed in Vista with the help of the PEB, but I don't know further details.