Showing posts from July, 2017

OSCE - CTP Course Preparation - HeapSpray + SEH + EggHunter

Introduction

Hello humans! I have been busy preparing myself for the CTP course and wanted to share my experience.
Just a quick disclaimer: I am not an expert exploit developer, so maybe I have made some mistakes, and certainly there are better ways to do these things, but hey, we must Try Harder. In this post we will combine some exploitation methods to make a reliable exploit for RSP Mp3 OCX on Windows XP SP3 (IE 7).
I know the software is outdated and not anything new, but we must learn to walk before we can run.
Environment

Victim Machine
- Windows XP SP3 with Internet Explorer 7
- Vulnerable Application
- Immunity Debugger
- mona.py

Attacker
- Metasploit Framework
- Good Editor

To register the vulnerable application, you must run register.bat and set the Internet Explorer security level to LOW for Local Intranet.
Exploitation 101

If you are preparing for OSCE, I assume you know basic exploit development, so I won't explain the exploitation methods in detail. I will focus on the combin…