Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Need help in exploiting a kernel vuln (https://forum.exetools.com/showthread.php?t=13200)

SinaDiR 01-10-2011 23:21
Need help in exploiting a kernel vuln
 
Hi,
I just hanged up with a unkn0wn ( at least for me ) scenario in exploiting a kernel vulnerability in windows .
the problem occurs when I try to fix the condition which cause a bug check. if I set EAX to zero and loading ESP+X into EBP the condition fix and no crash happen.
when I do this in debugger ( I modified registers in debugger and set the saved EIP to it's original value ) every thing is fine and no crash happen at all.
but if i do this by assembly code ( which stores in User-land ) , I got a exception ! sample assembly code that I used :

Code:
xor eax, eax
mov ebp, esp
add ebp, XX
jmp OriginalLocation
any body know what happens ? ( maybe little more reversing show the problem , but I think discussion around the problem is so handy :D )
sorry for my horrible eng :(


All times are GMT +8. The time now is 10:23.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX